The Ahmedabad Cyber Crime Branch has arrested three more accused in an inter-state cyber fraud racket that allegedly used artificial intelligence-generated deepfake videos to manipulate Aadhaar authentication systems, illegally alter registered mobile numbers, and obtain loans in the names of unsuspecting victims. The latest arrests bring the total number of accused in the case to seven, with one suspect — Oli Ullah from Assam — still absconding.

How the Scam Operated

According to investigators, the gang first harvested GST numbers and PAN card details of financially stable individuals through platforms such as MastersIndia and Peridot. They then allegedly accessed CIBIL reports via CRIF High Mark to retrieve victims' mobile numbers, and used Telegram bots to identify Aadhaar-linked numbers.

Photographs of targets were sourced from digital payment and social media platforms including PhonePe, Google Pay, WhatsApp, Truecaller, Facebook, and Instagram. Using AI platforms including Gemini and Meta AI, the accused allegedly created so-called eye-blinking deepfake videos from static photographs to mimic live facial movements and bypass Aadhaar biometric verification systems linked to Aadhaar UCL kits.

"The accused used highly advanced techniques to bypass digital verification systems. They created AI-generated eye-blinking videos from Aadhaar photographs to mimic live biometric authentication," a Cyber Crime Branch officer said.

Aadhaar Numbers Changed, Bank Accounts Opened

Investigators said the gang exploited loopholes in digital identity verification by using CSC centres to submit requests for changing Aadhaar-linked mobile numbers. Once a victim's registered mobile number was replaced with a SIM card controlled by the accused, they allegedly gained access to DigiLocker accounts, OTPs, Aadhaar-enabled services, and banking platforms tied to the victim's identity.

Cyber Crime DCP Dr Lavina Sinha said: "Once the mobile number was changed, they gained full access to DigiLocker and banking services. They then opened bank accounts, took personal loans and transferred the money across multiple accounts."

The accused allegedly accessed platforms including the National Informatics Centre's DigiLocker, UIDAI Online Services, IDFC Bank, Kotak Mahindra Bank, City Union Bank, and Jio Payments Bank. Instant personal loans — typically ranging from ₹25,000 to ₹50,000 — were obtained through platforms including RKBANSAL, TRUE CREDITS, and EARLYSALARY, with proceeds routed through multiple accounts to evade detection. The racket reportedly generated annual revenue of nearly ₹10 lakh to ₹15 lakh.

The Accused and Their Roles

The three newly arrested individuals are Krishna Prajapati, 22, a resident of Kushinagar district, Uttar Pradesh; Kazimuddin, 49, from Morigaon district, Assam; and Rabbul Hussain, 24, also from Morigaon district. Police identified Kazimuddin and Rabbul Hussain as the masterminds behind the fraud network.

According to investigators, Rabbul Hussain — reportedly pursuing a B.Com degree — allegedly handled AI tools and digital identity theft operations alongside the absconding Oli Ullah. Kazimuddin allegedly allowed fraudulent loan proceeds to be routed through his bank accounts in exchange for commission. Krishna Prajapati, who operated a settlement centre business, allegedly supplied victims' Aadhaar numbers, photographs, and mobile data to previously arrested accused Deep Gupta in exchange for commission payments.

How the Case Came to Light

The investigation began after an Ahmedabad businessman complained that he had suddenly stopped receiving OTPs linked to his Aadhaar-enabled payment system. Initially believing it to be a technical glitch, he later discovered that his Aadhaar-linked mobile number and biometric details had allegedly been altered without his knowledge, and loans had been taken in his name.

The case was registered at the Cyber Crime Police Station, Ahmedabad City, under Bharatiya Nyaya Sanhita, 2023 Sections 61(2)(a), 336(2) and 336(3), along with Sections 43(a), 43(b), 43(i), 66 and 66(C) of the Information Technology Act. Earlier arrests in Kushinagar were led by PI N.R. Gamit, while the latest arrests in Assam were carried out by PI J.P. Thakor and his team using technical surveillance, digital analysis, and human intelligence.

Systemic Gaps Flagged to Aadhaar Authorities

Police said they have formally informed Aadhaar authorities of what investigators described as "serious loopholes" in the digital identity verification ecosystem that the gang allegedly exploited. A local Aadhaar kit operator is also alleged to have helped facilitate illegal modifications to Aadhaar-linked records. Officials said interrogation of the arrested accused is continuing to identify additional victims and uncover the full extent of the interstate network.