Indian Cyber Police Crack ₹1.27-Crore sophesticated android malware scam, arrest Alleged Mastermind in Cross-State Manhunt
Forensic financial tracing, digital-trail analysis and inter-state coordination helped Kanpur’s Cyber Crime unit dismantle a fraud network that allegedly weaponised fake government-scheme apps and SIM-swap attacks.
KANPUR, INDIA | May 23, 2026
Investigators in the northern Indian city of Kanpur have arrested the man they describe as the principal architect of a sophisticated online-fraud operation that drained more than ₹1.27 crore (about US$1.5 million) from a single victim, in a case officials say showcases the growing technical depth of India’s specialised cyber-policing units.
The accused, identified as 45-year-old Mairaj Ansari, was traced from Kanpur in Uttar Pradesh to the western suburbs of Mumbai — a distance of more than 1,300 kilometres — and detained near Virar West following weeks of forensic work. According to police, the breakthrough rested not on chance but on a methodical fusion of bank-account analysis, technical evidence and digital-trail mapping.
Case Background
The case began in August 2025, when a Kanpur-based transport operator, Mokam Singh, lodged a complaint with the city’s Cyber Crime police station. According to the police account, he had received WhatsApp messages bearing the names of well-known public services — the PM-Kisan farmer-support scheme, an RTO traffic-challan notice and an Aadhaar identity update — each carrying a malicious Android application file.
Police say that once the disguised file was opened, the attackers gained remote access to the victim’s phone. They then allegedly executed a SIM-swap — transferring the victim’s mobile number onto a SIM under their own control — which let them intercept one-time passwords, activate online banking and move money out across a chain of accounts. The total loss recorded in the first information report was ₹1,27,85,779.
What followed is, in the view of officials, a demonstration of how far Indian cyber-investigation has matured. An earlier arrest in the same case — of a co-accused, Arshad Ansari — yielded interrogation leads and technical evidence that surfaced Mairaj Ansari’s name. Investigators then reconstructed the money’s path through layered bank accounts and built a digital profile precise enough to locate a long-absconding suspect in another state.
On May 20, 2026, a team led by Inspector Satish Chandra Yadav, station-in-charge of the Cyber Crime unit, travelled to Mumbai. Acting on an informant’s tip and working alongside Maharashtra’s Bolinj police, officers arrested Ansari near a residential complex in Virar West. Police say two mobile phones and two SIM cards were recovered.
During questioning, police allege, Ansari admitted that he and his associates manufactured forged KYC documents — fake Aadhaar cards, PAN cards and GST paperwork — to open mule bank accounts that received the stolen funds. Investigators further allege that proceeds from the Kanpur fraud were routed through an account in the name “Amar Tiwari” and used to buy roughly ₹54 lakh worth of gold from a Noida bullion refiner, a step police describe as an attempt to launder the money. These statements remain allegations; the case is under investigation and the accused has not been tried.
The investigators behind the breakthrough
Police credited the operation to a coordinated effort overseen by Deputy Commissioner of Police (Crime) Shravan Kumar Singh and Additional Deputy Commissioner of Police (Crime) Anjali Vishwakarma, with the Assistant Commissioner of Police for Cyber Crime leading on the ground. The arresting team comprised:
- Inspector Satish Chandra Yadav — Station-in-charge, Cyber Crime Police Station, Kanpur Nagar
- Sub-Inspector Puneet Tomar — Cyber Crime Police Station, Kanpur Nagar
- Head Constable Sharif Khan — Cyber Crime Police Station, Kanpur Nagar
- Constable Saurabh Pandey — Cyber Crime Police Station, Kanpur Nagar
- Constable Nitin Chaudhary — Cyber Crime Police Station, Kanpur Nagar
- The supporting team of the Bolinj Police Station, Maharashtra Police
Officials say the cross-state cooperation between Uttar Pradesh and Maharashtra forces was central to the result — a reminder that modern financial crime, which moves money across jurisdictions in minutes, increasingly requires policing that can do the same.
A wider warning
The Kanpur Police Commissionerate used the announcement to renew a public-safety appeal. Citizens, it said, should never download unknown links, APK files or suspicious messages, and should contact their telecom provider immediately if a mobile number stops working or the network unexpectedly disappears — often the first sign of a SIM-swap attack.
Victims of cyber fraud, the force added, should report incidents without delay to India’s national cybercrime helpline on 1930 or at cybercrime.gov.in.