Background and Timeline: The Gujarat Police Cyber Centre of Excellence announced a massive breakthrough on Wednesday regarding a nationwide financial siphoning network. The investigation was accelerated following a critical intelligence tip-off from the Financial Intelligence Unit (FIU) in Delhi, which flagged a high concentration of suspicious transaction surges. On January 21, 2026, authorities executed synchronized raids in Surat as part of a state-wide crackdown on mule account aggregators who have been operating for over a year.   

Modus Operandi: The syndicate specialized in creating “corporate mule infrastructure” by establishing nine fictitious firms to give a veneer of legitimacy to their banking operations. These firms were used to open 82 high-limit current accounts using forged or misleading documentation, providing organized gangs with complete banking access. The accused handed over cheque books, ATM cards, and digital credentials to international cyber mafias, who then utilized SMS, WhatsApp, and Telegram to lure citizens into fraudulent high-yield plans.   

Victims and Financial Impact: The network is linked to a staggering 1,229 separate cybercrime cases registered across multiple Indian states, representing a total fraud value of over ₹826 crore. Money deposited into these accounts was not held for long; it was swiftly transferred through layers of secondary accounts to evade detection. Investigators confirmed that once the digital trail was sufficiently obscured, the proceeds were either withdrawn as cash or routed through illicit hawala channels to foreign endpoints.   

Investigation and Agencies Involved: The operation was led by the Gujarat CID Crime’s specialized cyber unit under the supervision of Superintendent of Police Rajdeepsinh Zala. The Cyber Centre of Excellence worked in close coordination with the Gandhinagar technical cell and the Union Ministry of Home Affairs’ I4C. Technical forensics teams analyzed transaction logs and digital footprints to map the link between the Surat-based aggregators and Chinese-backed cyber mafias operating from Southeast Asia.   

Arrests and Suspects: Eight individuals were arrested in Surat, identified as Abdulrab Abdul Qadir Chambadiya, Faizan Hanif Jusani, Sheikh Mohammed Zuber Mehboob, and Mohammad Noor Ahmad Merchant. Other suspects include Yasin Noor Ahmed Merchant, Sarfaraz Mohammed Rafiq Juneja, Sheikh Sajid Mayuddin, and Memon Abdul Razak Ahmed. Authorities seized evidence of hawala ledger accounts and crypto-wallet addresses from the suspects’ devices, which are now being used to trace the final destination of the siphoned ₹826 crore.   

Broader Implications and Trends: This case highlights a disturbing trend where local Indian operatives act as the domestic gateway for international syndicates by providing a steady supply of mule current accounts. It underscores the critical importance of the “Operation Mule Hunt” initiative in disrupting the financial logistics that allow transnational cyber gangs to operate within India. Police have warned that renting out accounts for commission is a serious offense that will result in immediate inclusion in national fraud blacklists.