Probe into Rs 11.5-cr Karnataka cyber theft: ED attaches Rs 1.44 cr in accounts linked to UP firm

In a case involving a notorious computer hacker and his gang, who are accused of stealing Rs 11.5 crore in 2019 from the e-procurement cell of Karnataka’s Centre for E-governance, the Enforcement Directorate (ED) has attached Rs 1.44 crore found in accounts linked to a firm in Bulandshahr, Uttar Pradesh.

The Rs 1.44 crore found lying in 14 accounts linked to Nimmi Enterprises, which has been attached by the ED, as part of a money laundering probe in the 2019 hacking and robbery case, is suspected to be part of the Rs 11.5 crore stolen from the Karnataka government by 25-year-old hacker Srikrishna Ramesh alias Sriki and his gang from Bengaluru.

Srikrishna is accused in multiple crimes in Bengaluru ranging from purchase of drugs via the darknet using bitcoins, theft of bitcoins, hacking of poker gaming sites, cheating people by promising crypto currency profits and also a 2018 case of assault.

While Bengaluru police crime branch, cyber cell and the state CID cyber cell are pursuing multiple cases against him, the ED has looked at the money laundering aspect in the 2019 cyber robbery of Rs 11.5 crore.

“During the money laundering investigation, it was revealed that a hacker namely Srikrishna alias Sriki had hacked the portal of the Centre for E-Governance, Government of Karnataka and funds to the tune of Rs 10.5 Crore and Rs 1.05 Crore were diverted to bank accounts of [an] NGO, M/s Uday Grama Vikash Sanstha, Nagpur and a proprietorship, M/s Nimmi Enterprises, Bulandshahr, Uttar Pradesh respectively,” the ED said in a statement on Monday.

“Thereafter, M/s Uday Grama Vikash Sanstha, Nagpur layered the received funds into the bank accounts of various vendors/traders in the guise of business transactions i.e. without actual purchase/sale of goods by their NGO. Similarly, M/s Nimmi Enterprises, Bulandshahr, Uttar Pradesh layered the received funds into the bank accounts of various vendors/persons in the guise of business transactions and personal loans,” it stated.

The agency has “provisionally attached an amount of Rs 1.44 crore lying in the 14 bank accounts under PMLA, 2002 in a cyber crime case against M/s Nimmi Enterprises and others”.

In August 2019, S K Shylaja, a financial consultant with the e-procurement cell of Centre for E-governance had filed a complaint with the CID cyber crime police station, saying she had found unauthorised refunds of earnest money deposits (EMD) made by bidders to qualify for government tenders.

Shylaja said on July 30, 2019, “while checking the approved list of EMD refunds”, she noticed an unauthorised instruction for EMD payment of Rs 7,37,13,000. According to the case registered by the CID cyber police, “she informed the banking partner M/s ICICI Bank Limited to stop refunds”.

The application service provider informed the government that the “EMD refund subsystem of the e-procurement portal was accessed unauthorisedly using JSPSPY tool”. An early probe in the case found that Rs 1.05 crore that was transferred had gone to a firm called Nimmi Enterprises in UP.

The police found the involvement of Srikrishna after he was arrested in November 2020 in connection with a separate case related to purchase of ganja on the darknet. He was also found involved in multiple other crimes.

A senior crime branch official said following Srikrishna’s arrest it was revealed that he and his associates had allegedly hacked three bitcoin exchanges, multiple poker gaming sites and other websites. The police initially claim to have recovered 31 bitcoins valued at Rs 9 crore from the hacker but it was later reportedly found that Srikrishna had tricked the police into believing he had access to the 31 bitcoins in an exchange, sources said.

According to statements made by state public prosecutors during bail hearings of cases against Srikrishna, the hacker and his gang have been living the high life since they were teenagers.

From 2015, Srikrishna and his associates rented rooms in big hotels and resorts to carry out hacking and other activities, according to the police. Initially, one of the activities the gang was involved with was hijacking websites and demanding ransom for the release of the sites. They later allegedly moved to taking over bitcoin currency sites and poker gaming sites.

In one of the cases, the director of an online gaming company, Pacific Gaming Pvt Ltd, Arvind Balakrishna, alleged that the hackers had stolen data from two online gaming brands operated by the firm Casino 143 and Poker Saint – causing huge losses to the firm.

In another case filed by Puneet Singh, the owner of a gaming firm Baazi Networks Private Ltd, in 2018, Srikrishna and his gang are accused of hacking the KYC information of customers of the firm and the alleged illegal transfer of Rs 70 lakh to the account of a company called Infizy IT Solutions Private Limited.

“Sriki’s hacking skills were used by different gangs for ransomware attacks and other illegal online activities. He was virtually held in captivity by some associates in order to hack sites to gain illegal access to funds,” police sources said.

In 2018 Srikrishna was at the centre of a pub brawl in central Bengaluru where a gang linked to a politician’s son attacked a former associate of the hacker. Police sources said the bone of contention in the pub brawl was the hacking services of Srikrishna.