Cyber fraud racket using fully undetected APK files busted; two arrested: Delhi Police

The Delhi Police has busted a cyber fraud racket involving the use of malicious mobile applications to gain remote access to victims' phones and arrested two persons, including the alleged mastermind from Uttar Pradesh, an officer said on Tuesday.

The accused allegedly developed and supplied ''FUD'' (fully undetected) APK files -- malicious applications designed to bypass antivirus and security systems -- to cyber fraudsters operating across the country, he said.

The case stems from a complaint lodged in July 2025 by a man who was cheated of over Rs 1.2 lakh after receiving a fake call claiming that his electricity connection would be disconnected if immediate payment was not made.

According to police, the caller sent a ''customer support APK'' file to the complainant via WhatsApp and persuaded him to install it on his mobile phone. Soon after the installation, the fraudsters gained remote access to the device and siphoned off money through multiple unauthorised transactions.

A case was registered, and a specialised team launched an investigation involving technical surveillance and digital analysis.

During the probe, police identified one accused, Umesh Kumar Rajak (25), a resident of Gorakhpur in Uttar Pradesh, who was arrested earlier in December 2025 for allegedly procuring and using malicious APKs in cyber fraud cases.

Further analysis of digital trails and online messaging application communication led investigators to Abhay Sahani (25), a resident of Deoria in Uttar Pradesh, who was allegedly operating Telegram channels used for supplying the malware.

A police team later conducted a raid in Deoria and arrested Sahani on May 14, officials said.

''During interrogation, the accused disclosed that he used to develop, modify and sell malicious APK files to cyber fraudsters for around Rs 4,000 per APK,'' a senior police officer said.

Police said Sahani had studied only up to class 8 and allegedly learnt cyber fraud techniques, APK development and remote-access exploitation through videos, online groups and social media platforms.

He allegedly admitted to selling around 40 to 50 malicious APKs to fraudsters and participating in cheating 20 to 25 victims through similar methods, police said.

According to investigators, the applications were specifically designed to evade security detection systems and were used to obtain unauthorised access to victims' phones for fraudulent financial transactions.

''Police recovered 11 mobile phones, including five iPhones and three Google Pixel devices, 11 debit cards, eight SIM cards and a Ledger Nano S Plus crypto hardware wallet from Sahani's possession. A car allegedly purchased in his brother's name is also under verification,'' Deputy Commissioner of Police (Central) Rohit Rajbir Singh said in a statement.

Officials said further investigation is underway to trace the wider network, financial transactions and possible links with organised cyber fraud syndicates operating in different states.