CBI Uncovers Nationwide Cybercrime Syndicate Using 20,000+ Illegal SIM Cards Under Operation Chakra-V

CBI Uncovers Large-Scale Cybercrime Syndicate Using Over 20,000 Illegally Procured SIM Cards

NEW DELHI: In a major breakthrough against organised cyber fraud, the Central Bureau of Investigation (CBI) has dismantled a sophisticated cybercrime syndicate that was operating a large-scale phishing and fraud network using more than 20,000 illegally obtained SIM cards. The network was unearthed following coordinated raids conducted across Delhi, Noida and Chandigarh, leading to the exposure of a fully operational “phishing factory” equipped with advanced telecom and digital infrastructure.

The agency has arrested three key accused — Sonveer Singh, Maneesh Upreti and Himalaya — in connection with the case. The arrests were made under Operation Chakra-V, a specialised initiative launched by the CBI to identify, disrupt and dismantle the core infrastructure enabling cybercrime activities across the country.

Sophisticated Infrastructure and Seizures

During the searches, investigators recovered a highly advanced technical setup comprising SIM boxes, high-capacity servers, telecommunication devices, USB hubs, dongles and thousands of active SIM cards. According to officials, this infrastructure was capable of generating and transmitting lakhs of phishing messages and automated calls on a daily basis. In addition, the CBI seized unaccounted cash and cryptocurrency assets, pointing towards the monetisation of cyber fraud on a significant scale.

Modus Operandi of the Cybercrime Network

Preliminary findings indicate that the syndicate provided bulk SMS and call-routing services to a wide network of cyber criminals operating both within India and abroad. By exploiting SIM box technology, the accused were able to mask international calls as domestic communications, evade telecom monitoring mechanisms and bypass Department of Telecommunications (DoT) regulations.

The fraudulent messages typically promoted fake loan offers, fraudulent investment schemes and misleading financial incentives, with the primary objective of extracting sensitive personal and banking information from unsuspecting victims. These activities resulted in large-scale financial fraud and identity theft.

Illegal SIM Procurement and KYC Manipulation

A critical aspect of the investigation relates to the systematic violation of telecom norms. The CBI revealed that approximately 21,000 SIM cards were procured in direct contravention of DoT guidelines. Between 2020 and 2025, the accused firm allegedly obtained 20,986 mobile connections, including 7,721 SIM cards during the 2024–25 period alone.

Investigators found that the company submitted false and fabricated end-user details, repeatedly using the same identity documents to obtain multiple SIM cards. In one instance, 90 SIM cards were issued in the names of just 10 individuals, while another case showed 1,000 mobile numbers linked to only 143 persons across the country. Such practices highlight serious vulnerabilities in the SIM issuance and KYC verification framework.

Role of Telecom Intermediaries Under Scanner

The investigation has also brought to light the suspected involvement of certain telecom channel partners and their employees, who allegedly facilitated the illegal procurement and activation of SIM cards. Officials noted that such large-scale violations would not have been possible without institutional collusion or gross negligence within parts of the telecom distribution ecosystem.

Technical Red Flags and Digital Evidence

Technical analysis of call records revealed several indicators consistent with SIM box operations. Certain SIMs were found to be functioning across 203 to 387 different IMEI numbers, generating one-second automated calls, a pattern typically associated with IMEI tampering and machine-to-machine (M2M) communication. All such practices are explicitly prohibited under DoT regulations.

Call Detail Records (CDRs) further established that the usage of these SIMs was concentrated around the firm’s registered address in Delhi and an office facility located in Noida, strengthening the link between the accused entity and the illegal operations. Notably, six of the analysed mobile numbers were already associated with cybercrime complaints registered on the national cybercrime reporting portal.

Case Registration and Ongoing Probe

Based on the findings, the CBI registered a case against M/s Lord Mahavira Services India Pvt Ltd, which is alleged to have operated the illegal messaging and call-routing system. The agency is now focusing on financial trail analysis, identification of end beneficiaries and mapping of cross-border cybercrime linkages.

Broader Implications

Officials described the case as a serious national concern, underscoring how telecom infrastructure is increasingly being exploited to facilitate cyber fraud. The exposure of foreign cyber criminals using India-based SIM networks also raises questions about cross-border cyber security risks and the need for stronger regulatory oversight and enforcement mechanisms.

Conclusion

The case highlights the evolving and industrial-scale nature of cybercrime, where fraud is no longer driven by isolated actors but by well-organised networks supported by advanced technology and systemic loopholes. While Operation Chakra-V represents a decisive step towards dismantling such networks, experts stress the need for stricter KYC enforcement, enhanced telecom audits, accountability of intermediaries and inter-agency coordination to prevent similar abuses in the future.

The investigation remains ongoing, with further arrests and disclosures likely as the CBI continues to unravel the full extent of the cybercrime syndicate.

Follow cyberdeepakyadav.com on

 Facebook, Twitter, LinkedIn, Instagram, and YouTube