Delhi Police Uncover FUD Malware Network: ₹1.2 Lakh Fraud Leads to Arrest of Jharkhand-Based Developer

A Delhi resident recently lost ₹1.2 lakh after installing what appeared to be a routine “customer support” application, prompting investigators to look deeper into what initially seemed like a common impersonation scam. The July call followed a familiar social-engineering script—an individual posing as an electricity department official warned the victim that power supply would be disconnected unless immediate action was taken.

What set this case apart was not the deception but the technology behind it. The shared file, an Android Package Kit (APK), granted remote access to the victim’s device, enabling operators to navigate payment and banking applications in real time. Using digital fingerprints, backend code, and IP logs embedded in the malware, Delhi Police traced the operation to Deoghar, Jharkhand, where a 26-year-old man, Umesh Kumar Rajak, was arrested. Rajak is believed to have supplied the malicious software rather than making fraudulent calls himself.

Inside the Mechanics of a ‘Fully Undetected’ App

Investigators found that the APK was a FUD (Fully Undetected) Customer Support App—a class of malware specifically engineered to bypass antivirus systems and Android security protocols. Once installed, such applications can mirror device screens, capture one-time passwords (OTPs), and authorise transactions silently, without raising user suspicion.

Police officials say Rajak frequently modified and updated the code to stay ahead of security patches released by handset manufacturers and app stores. Each customised version was allegedly sold to fraud operators for approximately ₹15,000, reflecting how low-cost and accessible sophisticated cybercrime tools have become.

Three high-end Android smartphones recovered during the arrest contained detailed logs and transaction records, offering investigators a rare view into how such malware is developed, tested, and distributed.

Jamtara and the Economics of Cybercrime

Rajak hails from Jamtara, a district widely recognised as a hub of cyber fraud in India. Over the years, the region has been linked to a variety of digital crimes, including phishing scams, call-centre fraud, and online extortion.

Police describe Rajak as a BA graduate who operated at the technical periphery of this ecosystem. He allegedly provided the backend infrastructure while others managed victim interactions. Rajak has previously been named in cases registered in Mumbai and Ranchi under sections of the Bharatiya Nyaya Sanhita and the Information Technology Act.

Authorities note that this division of labour—with developers, callers, and money mules operating from different locations—makes such networks difficult to dismantle, even when arrests are made.

A Wider Network Under Investigation

Delhi Police emphasise that Rajak’s arrest is only the beginning of a broader probe. Investigators are now examining digital evidence to identify additional fraudsters who purchased the malicious APK, along with other potential victims who may not have reported their losses.

The case underscores a larger challenge: while public advisories often warn citizens against clicking unknown links or installing unverified applications, far less scrutiny is directed at the underground market where such cybercrime tools are designed and traded.

As smartphones continue to form the backbone of everyday financial transactions, authorities warn that even small, inexpensive pieces of code can have outsized consequences—quietly transferring funds, compromising trust, and sustaining a growing shadow cyber economy that reaches far beyond a single arrest in Deoghar.

Follow cyberdeepakyadav.com on

 Facebook, Twitter, LinkedIn, Instagram, and YouTube