Delhi Police nabs man from Jamtara for supplying remote-access app used in online frauds 

The Delhi Police has apprehended a 26-year-old man from the Jamtara area of Jharkhand for allegedly developing and supplying a malicious remote-access mobile application used in multiple cases of online fraud, an official said on Friday.

The accused, identified as Umesh Kumar Rajak, was apprehended from Deoghar on December 5 following a technical investigation into a case in which a Delhi resident was duped of Rs 1.2 lakh through cyber fraud, police said.

"The complainant, a resident of Minto Road, had received a call on July 29 from a man impersonating as an electricity department official who warned him that his meter would be disconnected. The caller then sent him a 'Customer Support' APK file and induced the victim to install it on his phone," Deputy Commissioner of Police (Central) Nidhin Valsan said.

Once installed, the APK enabled remote access to the victim's device, allowing the fraudster to transfer money through his digital payment applications, the DCP said.

Police have registered a case under the relevant sections of the BNS. During the investigation, police examined IP logs, digital money trails and the backend structure of the APK file.

Investigators found that the app was a FUD (Fully Undetected) Customer Support APK -- commonly used by cyber-criminals to bypass security filters and gain full access to mobile devices.

Police said Rajak, a BA graduate and a resident of Jamtara -- often referred to as a cyber fraud hotspot -- was supplying customised malicious APKs to fraudsters across regions for about Rs 15,000 each.

"He regularly updated the APK to ensure it remained undetected by security systems," the officer added.

Three high-end Android mobile phones allegedly used to develop, modify and distribute the APK were recovered from him, along with digital evidence containing distribution logs, chats and transaction records.

Rajak is previously involved in two cases registered in Mumbai and Ranchi under Section 318 (cheating) of the Bharatiya Nyaya Sanhita (BNS) and the IT Act, police said.

Further investigation is underway to trace other beneficiaries of the APK, identify additional victims and examine digital evidence to uncover the wider network, police added.