The CBI has filed charges against 17 people, including four Chinese nationals, and 58 companies for their alleged role in a multinational cyber fraud ring that has been unravelling. ₹1,000 crore through a sprawling web of entities and digital fraud, officials said on Sunday.
After busting the scam in October, investigators uncovered a single, tightly coordinated syndicate that relied on a sophisticated digital and financial infrastructure to carry out a series of scams. These included misleading loan applications, bogus investment schemes, Ponzi and multi-level marketing models, fake part-time job offers and fraudulent online gaming platforms.
According to the investigative agency’s final report, the group layered the flow of illicit funds through 111 shell companies that routed about ₹1,000 crore through mule accounts. One account received more than ₹152 million in a short period.
The shell companies, the CBI said, were set up using fake directors, forged or misleading documents, false addresses and false statements about business objectives.
“These shell entities were used to open bank accounts and merchant accounts with various payment gateways, allowing for rapid layering and diversion of criminal proceeds,” a CBI spokesperson said in a statement.
Investigators traced the origins of the scam back to 2020, when the country was struggling with the COVID-19 pandemic. The shell companies were allegedly established at the behest of four Chinese manipulators – Zou Yi, Huan Liu, Weijian Liu and Guanhua Wang.
Their Indian associates obtained identity documents from unsuspecting individuals, which were then used to create a network of shell companies and mule accounts to launder the proceeds of the fraud and cover the money trail.
The investigation revealed communications links and operational control that the agency said nailed down the role of Chinese masterminds running the network of fraudsters from abroad.
“Significantly, the UPI IDs linked to the bank accounts of the two Indian accused were found to be active abroad as late as August 2025, conclusively confirming the ongoing foreign control and real-time operational surveillance of the fraud infrastructure from outside India,” the CBI said in a statement.
The investigation found that the extortionists used a highly layered, technology-driven modus operandi, using Google ads, bulk SMS campaigns, SIM-based messaging systems, cloud infrastructure, fintech platforms and multiple mule bank accounts.
“Every stage of the operation – from luring victims to the collection and movement of funds – was deliberately structured to hide the identity of the real controllers and avoid detection by law enforcement,” the spokesman said.
The indictment names 17 individuals, including four Chinese nationals, and 58 companies.
The investigation was launched following a tip-off from India’s Cybercrime Coordination Center (I4C) under the Ministry of Home Affairs, which highlighted widespread cheating of citizens through online investment and employment schemes, leading to the arrest of three people in October.
“Although initially appearing to be isolated complaints, CBI’s detailed analysis revealed striking similarities in the applications used, fund flow patterns, payment gateways and digital footprints, pointing to a common organized conspiracy,” the agency said.
Following the October arrests, the CBI conducted searches at 27 locations in Karnataka, Tamil Nadu, Kerala, Andhra Pradesh, Jharkhand and Haryana, seizing digital devices, documents and financial records, which were later subjected to detailed forensic examination.
