KARAULI (RAJASTHAN): In the age of Digital India, cybercriminals are now weaponizing your health concerns and trust. The Karauli Cyber Police recently dismantled a high-tech interstate syndicate that exploited citizens seeking medical appointments to orchestrate a massive financial heist across 24 Indian states. This crackdown, part of ‘Operation Anti-Virus 2.0’, has exposed a network far more sophisticated and technically advanced than previously imagined.
‘Operation Anti-Virus 2.0’: A Strategic Breakthrough
Acting on intelligence gathered through data mining and technical surveillance, the Cyber Police—under the direction of District Superintendent of Police (SP) Lokesh Sonwal—apprehended Vishnu Meena, a resident of Sawai Madhopur. The investigation reveals that Meena is a crucial node in a vast syndicate stretching from Rajasthan to South India.
The Modus Operandi: A Calculated Psychological Trap
The syndicate’s methodology is so seamless that even tech-savvy individuals can fall prey. According to police records, the scam unfolds in four calculated stages:
- Search Engine Manipulation: Criminals injected their fraudulent mobile numbers into the Google Maps profiles and search listings of reputable hospitals and specialist doctors.
- Building False Trust: When victims called for an appointment, the scammers spoke professionally, providing accurate details about doctor availability and consultation fees to lower the victim’s guard.
- The Lethal APK Payload: Under the guise of “confirming the slot,” the scammers sent a file named ‘TOKEN BOOK.APK’. Once the victim installed this file, the attackers gained Remote Access to the smartphone.
- The “Invisible” Theft: The malicious app allowed scammers to mirror the victim’s screen and forward incoming SMS (including OTPs) silently. In one instance, a victim lost ₹3.16 Lakhs instantly, with the criminals bypassing all traditional banking security layers.
Crimes in Numbers: A Billion-Rupee Shadow Empire
Data retrieved from the National Cyber Crime Portal (1930) has sent shockwaves through the investigative teams:
- 24-State Connection: Complaints against this syndicate have been registered in states including Uttar Pradesh, Maharashtra, Delhi, and Madhya Pradesh.
- 520+ Registered Cases: A single bank account linked to the accused was found connected to over 520 distinct cybercrimes.
- ₹9.18 Crore Transaction: In Rajasthan alone, over ₹9 crore was funneled into this specific account. Police suspect the total nationwide fraud could run into billions of rupees.
Money Laundering via “Shell” Firms
To legitimize the stolen funds, the syndicate established a shell company named ‘AK Fashion and Garment’ in Churu. They utilized the firm’s current account as a “Money Mule” account. As soon as stolen money landed, it was layered through multiple digital wallets and smaller accounts to prevent authorities from freezing the funds in time.
Expert Guidelines: 4 Golden Rules for Digital Safety
Cybersecurity experts emphasize that in the face of such evolved threats, awareness is the only foolproof defense:
- Scrutinize Google Listings: Numbers found on Google Search are often user-generated and easily manipulated. Always verify contact details via the official hospital website (look for
.edu,.org, or official government portals). - The “No-APK” Rule: Never install apps (APK files) from outside the Google Play Store or Apple App Store. An external APK is effectively “digital poison” for your privacy.
- Audit App Permissions: Be extremely wary if an app requests ‘Accessibility’ or ‘SMS’ permissions. These allow criminals to read your messages and control your device remotely.
- The Golden Hour: If you are defrauded, the first 1-2 hours are critical. Call 1930 immediately. Rapid reporting increases the chance of the bank “locking” the stolen funds before the criminal can withdraw them.
Disclaimer
This report is based on recent law enforcement actions and available cybercrime data. It is intended for public awareness and educational purposes. Always verify the authenticity of any online platform or service provider before sharing financial or personal information. Cybersecurity is a shared responsibility.