The Central Bureau of Investigation (CBI) has filed a charge sheet against 17 accused individuals, including four Chinese nationals, and 58 companies, after unearthing a large and well-organised transnational cyber fraud network operating across multiple States in India.
The agency has identified the foreign handlers as Zou Yi, Huan Liu, Weijian Liu, and Guanhua Wang, at whose instance shell companies were incorporated in India from 2020 onwards.
The breakthrough came with the arrest of three key Indian accused in October 2025. The agency found that a single, coordinated syndicate had created an extensive digital and financial infrastructure to defraud thousands of unsuspecting citizens through misleading loan apps, fake investment schemes, Ponzi and MLM models, bogus part-time job offers, and fraudulent online gaming platforms.
Also Read | CBI charges 30 people, including two Chinese nationals, in ₹1,000 crore cyber scam case
The case was registered based on inputs received from the Indian Cybercrime Coordination Centre under the Ministry of Home Affairs, which indicated that large numbers of citizens were being cheated through online investment and employment schemes.
“Though initially appearing as isolated complaints, a detailed analysis by the CBI revealed striking similarities in the applications used, fund-flow patterns, payment gateways, and digital footprints, pointing towards a common organised conspiracy,” the agency said.
The CBI alleged that the cybercriminals adopted a highly layered and technology-driven modus operandi, involving the use of Google advertisements, bulk SMS campaigns, SIM-box-based messaging systems, cloud infrastructure, fintech platforms, and multiple mule bank accounts.
“Each stage of the operation, from luring victims to the collection and movement of funds, was deliberately structured to conceal the identities of the actual controllers and evade detection by law enforcement agencies,” it said.
During the probe, the CBI unearthed a network of 111 shell companies incorporated using dummy directors, forged or misleading documents, fake addresses, and false statements of business objectives.
“These shell entities were used to open bank accounts and merchant accounts with various payment gateways, enabling rapid layering and diversion of proceeds of crime. Analysis of hundreds of bank accounts revealed that more than ₹1,000 crore was routed through these accounts, with one account alone receiving funds exceeding ₹152 crore within a short span,” the agency said.
EDITORIAL | Cyber crackdown: On the investigation into cyber-crime
Earlier, searches were conducted at 27 locations across Karnataka, Tamil Nadu, Kerala, Andhra Pradesh, Jharkhand, and Haryana, leading to the seizure of digital devices, documents, and financial records, which were examined by forensic experts. Investigators found that foreign nationals were controlling the operations and directing the fraud network from abroad using extensive communication links.
A UPI ID linked to the bank accounts of two Indian accused was found to be active in a foreign location as late as August 2025, conclusively establishing continued foreign control and real-time operational oversight of the fraud infrastructure from outside India.
As directed by the foreign handlers, their Indian associates procured identity documents from unsuspecting individuals and used them to incorporate companies and open bank accounts. These entities were then systematically used to channel proceeds of cyber fraud, which were layered through multiple accounts and platforms to obscure the money trail and final beneficiaries, the agency alleged.
Published – December 14, 2025 12:33 pm IST
