Updated: August 24, 2021 7:16:15 am
Two years after Rs 11.5 crore was stolen from the Karnataka government’s e-governance centre by a hacker, investigators are yet to account for nearly Rs six crore of the stolen funds siphoned to bank accounts in Maharashtra and Uttar Pradesh, using an elaborate network
Although an investigation of the theft by the cybercrime unit of the CID police in Karnataka has resulted in the naming of as many as 20 accused persons in the case, the probe has also found that many individuals linked to the stolen funds were probably unaware of the source of the money when large deposits were made into their bank accounts by the main suspects.
A money laundering investigation of the stolen funds by the directorate of enforcement (ED) recently resulted in the provisional attachment of Rs 1.44 crore that was lying in 14 bank accounts linked to M/s Nimmi Enterprises, a firm in Uttar Pradesh’s Bulandshahr, where a sum of Rs 1.05 crore was found to have been illegally transferred when the cyberheist was first discovered in August 2019.
“A major portion of the stolen funds – nearly Rs six crore – is still not recovered. Some of the accused are believed to have received the stolen money in cash in the elaborate layering process in which the money was stolen and utilized,” a senior police officer said.
The main accused in the hacking of the e-procurement cell at Karnataka’s centre for e-governance is a 25-year-old hacker Srikrishna Ramesh alias Sriki – whose computer hacking skills were allegedly used by affluent gangs he has been a part of in Bengaluru, including close associates and kin of political leaders in the state to carry out online attacks and thefts.
The police have identified a gang comprising the son of a doctor, a law student, two sons of a former bank director among those who used the services of Srikrishna to hack the e-procurement cell’s funds, which are Earnest Money Deposits (EDM) made by bidders, in the month of July 2019.
The gang, initially, placed the stolen funds in the bank account of an NGO Uday Grama Vikash Sanstha in Nagpur and a private trading firm Nimmi Enterprises in Bulandshahr, before moving the funds to various other accounts in smaller sums – disguised as payments for non-existent services rendered to the NGO and Nimmi Enterprises, a CID and ED probe has found.
The hacking was first discovered on July 30, 2019, by a financial consultant with the e-procurement cell while checking the approved list of EMD refunds. The consultant found that an unauthorized instruction was issued for the unique registration number used by the Karnataka government for online banking to transfer Rs 7.37 crore as an EMD payment despite the state government not approving the refund. The transfer of the Rs 7.37 crore funds was stopped by the state e-procurement cell before it could be executed.
However, further analysis of the approved list of EMD fund transfers by the e-procurement cell revealed that on July 1, 2019, unauthorized instructions were issued for the transfer of Rs.1.05 crores of EMD funds from the e-procurement cell to the account of a firm Nimmi Enterprises in UP.
A police complaint was initially lodged on August 7, 2019, by the financial consultant S K Shailaja over the missing Rs 1.05 crore of EMD funds.
A few days later it was discovered that another “unauthorized EMD refund instruction” of Rs 10.50 crores was issued on July 9, 2019, where the funds were fraudulently transferred to an ICICI bank account of an NGO, Udaya Grama Vikas Samstha, in Nagpur. This discovery of the cyber theft of Rs 10.50 crores was reported to the police by the state officials on August 25, 2019.
The investigations by the cybercrime unit of the Karnataka CID police initially focussed on the computer forensics of how the accounts of the e-procurement cell were hacked and the money trail of the persons to whom the stolen money was transferred. “The forensic analysis revealed the possible role of the hacker Srikrishna in the early part of the probe,” police sources said.
“During the investigation of the case the flow of proceeds of the crime was analysed and accounts of main beneficiaries and secondary beneficiaries were identified, verified and the respective banks were instructed to freeze beneficiary accounts,” state prosecutors in the case have stated in court.
Among those who have been named in the case so far – apart from the hacker Srikrishna and nearly eight members of the Bengaluru gang he was associated with – is Rathnakar Valke, the secretary of the Udaya Grama Vikas Samstha NGO in Nagpur, his wife who was treasurer of the NGO, and two of his associates Randhir Ashar and Nitin Pundalik from Nagpur, who allegedly asked the NGO official to create the bank accounts where the Rs 10.5 crore stolen funds was transferred by the hackers. Ashar and Pundalik were reportedly procurement agents for the Udaya Grama Vikasa Samstha.
The CID probe found that Rs Two crore of the Rs 10.5 crore deposited with an ICICI bank account of the NGO was transferred to the account of Rajkumar Sanklecha, the proprietor of a Mumbai firm Vardhaman Wires and Cable. Sanklecha argued during anticipatory bail hearings that he only received a payment from the NGO for supplying electrical cables and that he was not aware of the source of the funds transferred to him. An amount of Rs 40 lakh of the stolen funds was also found to have been transferred to the account of a New Delhi businessman Sushil Chandra.
At least eight persons linked to the hacking gang in Bengaluru are alleged to have carried the stolen funds in cash from various places, after the layering of the funds, to deliver it to the main accused.
“Uday Grama Vikash Sanstha, Nagpur layered the received funds into the bank accounts of various vendors/traders in the guise of business transactions i.e. without actual purchase/sale of goods by their NGO. Similarly, M/s. Nimmi Enterprises, Bulandshahar, Uttar Pradesh layered the received funds into the bank accounts of various vendors/persons in the guise of business transactions and personal loans,” the ED said this month after attaching Rs 1.44 crore linked to the cyberheist.
“During the money-laundering investigation, it is revealed that a hacker namely Srikrishna alias Sriki had hacked the portal of Centre for E-Governance, Government of Karnataka and funds to the tune of Rs 10.5 Crore and Rs 1.05 Crore were diverted to bank accounts of NGO, M/s. Uday Grama Vikash Sanstha, Nagpur and Proprietorship, M/s. Nimmi Enterprises, Bulandshahr, Uttar Pradesh respectively,” the ED statement said.
The cybercrime unit of the CID police is still investigating the case and is yet to file a chargesheet. The ED also continues to investigate the case.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines
- The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.