Surguja, Chhattisgarh : In a major breakthrough against organized cybercrime, the Cyber Range Police Station in Surguja has busted an interstate cyber fraud racket involved in sending malicious APK files and hacking mobile phones under the pretext of “5G SIM updates” and various government schemes. Six accused cybercriminals were arrested from Deoghar district in Jharkhand for allegedly carrying out large-scale online fraud operations across India.
According to police officials, the gang used fake APK links disguised as updates for 5G SIM activation, PM Awas Yojana, PM Kisan Yojana, RTO challans, and transport-related applications. Once victims clicked on the malicious links, hackers gained complete access to their mobile devices, including OTPs, SMS messages, banking details, and UPI credentials.
The case came to light after a complaint was filed on September 11, 2025, by Umesh Khute, a resident of Pathalgaon in Jashpur district. Khute alleged that fraudsters contacted him under the guise of updating his SIM card to 5G services and subsequently siphoned ₹553,900 from his bank account.
Taking the matter seriously, Surguja Range Inspector General (IG) Deepak Kumar Jha assigned the investigation to the Cyber Range Police Station. Under the guidance of City Superintendent of Police Rahul Bansal, a special police team traveled to Deoghar, Jharkhand, where they conducted a coordinated raid and arrested six accused identified as Santosh Kumar Das, Pappu Mahra, Prayag Das, Rajkumar Mandal, Aryan Kumar, and Nityanand.
During the operation, police seized 10 mobile phones, several bank passbooks, checkbooks, and cash amounting to ₹51,000.
Investigators revealed that the accused were sending fake APK files to nearly 2,500 people every day. Once installed, the malware allowed the gang to remotely control victims’ devices, read incoming OTPs and messages, and execute unauthorized banking transactions. The criminals reportedly used eSIM activation techniques to hijack SIM cards and transfer money through UPI transactions into multiple accounts before withdrawing the funds.
Police further disclosed that the same network had previously been linked to another cyber fraud case in Jashpur district involving the theft of approximately ₹2.9 million.
Authorities are now expanding the investigation to identify additional agents, facilitators, and members connected to the APK fraud syndicate.
Cybercrime officials warned the public against clicking on unknown links or installing APK files received through SMS, WhatsApp, or social media platforms. They emphasized that a single careless click can provide cybercriminals complete access to personal and financial information, making such scams one of the most dangerous forms of digital fraud today.
Officials have urged citizens to verify any SIM upgrade or banking-related request directly through official telecom providers and government portals before taking action.
