The CBI Registers Case of Alleged Hacking AndUnauthorised Online Transactions Involving $1.41 Million.


The Central Bureau of Investigation (CBI) on Monday registered a case against an on-site resource of Yalamanchili Software operations team, which provides the prepaid card application.

The accused, Sandeep Kumar Poojary is culpable of hacking a foreign travel card database and 374 unauthorised online transactions involving $1.41 million through three prepaid cards issued by the State Bank of India (SBI).

There are as yet many suspected to be involved with this case registered under various provisions of the IPC and the IT Act.

“Manpower resources for handling the system operations were also provided by Yalamanchili Software...”said SBI, in its complaints.

The wakeup call actually came up a year ago in February, when Yalamanchili software's COO reported the incidence to the bank, expressing that the balance in the prepaid card system had been modified deceitfully for authorisation of three foreign travel cards having a place with a solitary client.

The authorisation was said to have occurred over online business sites (e-commerce websites) of four shippers predominantly: Neteller.com, Entropay, Swiftvoucher and Skrill.com and these exchanges were carried out from November 8, 2016 to February 12, 2017.

The bank's NRI Seawoods branch in Navi Mumbai issued the primary card on November 7, 2016. Two more add-ons were issued to the user on November 29 and December 7, 2016, by the same branch.

As indicated by the FIR, the merchant transactions came by the means of VISA with the nation code as Great Britain, and the transaction and billing currency as U.S. dollars.

While the exchanges occurred on the prepaid card system, the balance seemed to have been modified manually by means of the Oracle Database access; the Yalamanchili Software Exports told the bank. Post authorisation the settlement transactions and authorisation alongside the general ledger entry was deleted.

The balance sheet generated on the prepaid card system therefore, did not display any difference.
 Additionally the bank added that after the swindling was identified, SBI managed successfully to block the three cards, banish the users from transacting on the four merchant sites, and abrogated the privilege of application user for executing database package.


Tatkal Ticket Scam Uncovered, CBI Official Arrested

Ajay Garg, an assistant programmer at the Central Bureau of Investigation (CBI), has been arrested by his own agency for developing a software that exploits the vulnerabilities of the IRCTC railway ticketing system to book over 1000 Tatkal tickets at a time.

Ajay joined CBI in 2012 and had been working with IRCTC previously for five years (2007-2011).

Rather than reporting the vulnerabilities found by him, Garg instead used them for his own gain and amassed a huge wealth by making his software available to travel agents through his accomplice Anil Gupta, who can then easily book Tatkal tickets for clients for a fee using the software.

As seats are limited, by the time the users fill in their details, the Tatkal quota is already booked. So the users turn to travel agents who can book these tickets using the software. These tickets are genuine and the payments of the tickets go to the railways, according to officials.

However, in addition to the cost of the software, there is a charge on every ticket booked using the software, which is paid to Garg using a complex system of Indian and foreign servers, online masking, and cryptocurrencies like bitcoin.

“Use of such software is illegal as per rules and regulations of IRCTC and also under the Railways Act,” Abhishek Dayal, CBI spokesperson, said.

Garg and Gupta, along with 13 others including Garg’s family members and travel agents, have been arrested.

According to Dayal, the CBI has carried out searches at 14 locations in Delhi, Mumbai, and Jaunpur during which it recovered Rs 89.42 lakh in cash, gold jewellery valued at Rs 61.29 lakh, 15 laptops, 15 hard disks, 52 mobile phones, 24 SIM cards, 10 notebooks, 6 routers, 4 dongles, and 19 pen drives.

Both Garg and Gupta have been sent to a five-day CBI custody by a court.