Surat cyber fraud: Two held from Ujjain for supplying account used in ₹24.40 lakh APK scam

Share:
Audio Loading voice…
Surat cyber fraud: Two held from Ujjain for supplying account used in ₹24.40 lakh APK scam

Synopsis

A fake RTO e-challan APK file quietly drained ₹24.40 lakh from a Surat resident's account — and the men who made it possible weren't hackers, but commission-based bank account suppliers from Ujjain. The Surat Cyber Crime Cell's cross-state operation exposes a growing mule-account ecosystem that powers India's APK phishing underworld.

Key Takeaways

The Surat Cyber Crime Cell arrested Ritik Bali, 26 , and Tinku Parmar, 44 , from Ujjain, Madhya Pradesh , on 7 July .
A Surat resident lost ₹24.40 lakh after downloading a fraudulent 'E-Chalan.apk' file that compromised his mobile phone.
The accused allegedly procured a UCO Bank account and supplied it to the fraud network for commissions of ₹4,000 and ₹8,000 respectively.
Transactions of ₹7,63,415 were routed through the same UCO Bank account between 12 January and 31 May .
The NCCRP flagged two additional fraud complaints from Bihar linked to the same account, totalling ₹70,500 in losses.
The principal accused in the fraud network remains at large; investigation is ongoing.

The Surat Cyber Crime Cell on Tuesday, 7 July arrested two men from Ujjain, Madhya Pradesh, for allegedly procuring and supplying a bank account used to siphon ₹24.40 lakh from a Surat resident who had downloaded a counterfeit RTO e-challan APK file that gave fraudsters remote access to his mobile phone. The arrests mark a significant breakthrough in a case that unfolded over four months earlier this year.

How the Fraud Was Carried Out

According to police, the fraud occurred between 21 January and 25 May this year. The victim received a fraudulent digital file named 'E-Chalan.apk', disguised as an official RTO e-challan application. Once installed, the APK compromised the victim's handset, enabling the accused to covertly transfer ₹24.40 lakh across three separate bank accounts without the victim's knowledge or consent.

Investigators found that ₹7,63,415 passed through a UCO Bank account linked to an Ujjain-based account holder between 12 January and 31 May. A check on the National Cyber Crime Reporting Portal (NCCRP) further revealed two additional fraud complaints from Bihar involving the same account, with combined losses of ₹70,500.

Who Was Arrested and Their Role

The two accused have been identified as Ritik Bali, 26, a labourer from Badnagar, Ujjain district, and Tinku Parmar, 44, an unemployed resident of the same town. Police allege that Bali arranged for a fresh UCO Bank account to be opened, obtained the account kit, and handed it to Parmar in exchange for a commission of ₹4,000. Parmar allegedly collected the kit and passed it on to an absconding member of the fraud network, receiving ₹8,000 in return.

The actual account holder — a friend of Bali — was himself found to have been deceived, according to Deputy Commissioner of Police (Cyber Cell) Bishakha Jain. 'Technical analysis revealed that the money had been transferred to a UCO Bank account belonging to an account holder in Ujjain. A team went to Ujjain, where questioning the account holder revealed that he, too, had been deceived. The account holder is a friend of Ritik,' she said.

The Investigation Trail

The arrests were executed by a team led by Police Inspector M.C. Nayak, operating on directions from senior officials and combining technical surveillance with human intelligence. DCP Jain confirmed that both accused are in custody and have been produced before the court. 'They were associated with the main cyber fraud gang and obtained bank accounts from account holders on commission before supplying them to the principal accused,' she said. A primary suspect remains at large.

A case has been registered at Surat Cyber Crime Police Station under Sections 318(4), 336(2), 338, 336(3), 340(2), 61(2), 3(5) of the Bharatiya Nyaya Sanhita, 2023, and Sections 66(C) and 66(D) of the Information Technology (Amendment) Act, 2008.

Public Advisory

Police have urged citizens not to download APK files received from any source — known or unknown — that claim to be bank applications, customer support tools, KYC update utilities, invitation cards, or RTO e-challans, without independent verification. Such files, authorities warned, can be weaponised to compromise mobile devices and facilitate large-scale financial fraud. This incident is part of a broader national pattern of APK-based phishing attacks that have surged in recent years, targeting mobile users unfamiliar with sideloading risks.

Point of View

As they often do. Law enforcement deserves credit for the cross-state trace, but until the principal accused are apprehended and the APK distribution chain is dismantled, arrests at the mule level will remain a partial fix to a structural problem. The NCCRP link to Bihar complaints also signals that this gang was not operating in isolation — a detail that warrants a coordinated multi-state probe.
NationPress
7 Jul 2026

Frequently Asked Questions

What is the fake RTO e-challan APK scam in Surat?
It is a cyber fraud in which a Surat resident was sent a malicious Android file named 'E-Chalan.apk', disguised as an official RTO e-challan application. After the victim downloaded it, the fraudsters gained remote access to the phone and transferred ₹24.40 lakh from the victim's bank account without consent, between 21 January and 25 May this year.
Who were arrested in connection with the Surat cyber fraud case?
Ritik Bali, 26, a labourer from Badnagar in Ujjain district, and Tinku Parmar, 44, an unemployed resident of the same town, were arrested by the Surat Cyber Crime Cell on 7 July. They are accused of procuring and supplying a UCO Bank account used to receive stolen funds.
How did the accused benefit from the fraud?
Ritik Bali allegedly arranged for a new UCO Bank account to be opened and handed the account kit to Tinku Parmar for a commission of ₹4,000. Parmar then supplied the kit to an absconding member of the fraud network, receiving ₹8,000 in return. Neither is believed to be the primary architect of the phishing scheme.
Were other states affected by the same bank account?
Yes. A check on the National Cyber Crime Reporting Portal (NCCRP) revealed two additional fraud complaints from Bihar linked to the same UCO Bank account, with combined losses of ₹70,500. This suggests the account was used across multiple fraud operations.
How can people protect themselves from APK-based mobile fraud?
Police have advised the public never to download APK files received via messages or links — even from known contacts — that claim to be bank apps, KYC update tools, customer support utilities, invitation cards, or RTO e-challans, without independently verifying their authenticity. Installing such files can give fraudsters full control over a mobile device and its linked financial accounts.
Nation Press
The Trail

Connected Dots

Tracing the thread behind this story — newest first.

8 Dots
  1. Latest 1 week ago
  2. 1 week ago
  3. 1 month ago
  4. 1 month ago
  5. 2 months ago
  6. 11 months ago
  7. 1 year ago
  8. 1 year ago
Google Prefer NP
On Google