Search This Blog

Showing posts with label Payment Gateway Firm. Show all posts

Chinese Loan App Case: ED Freezes Rs 46.67 Crore Worth Funds Of Payment Gateway Apps

 

The Enforcement Directorate has carried out raids against Chinese “controlled” loan apps and investment tokens. The ED froze Rs. 46.67 cr. worth funds kept at the Bengaluru premise of payment gateways accounts of Easybuzz, Razorpay, Cashfree, and Paytm in connection with the HPZ token case over alleged irregularities in the operation of instant app-based loan-giving companies that are controlled by Chinese personals. The funds have been frozen and seized under the Prevention of Money Laundering Act (PMLA).

The investigation was carried out on September 14th at various business and residential premises in Delhi, Ghaziabad, Mumbai, Lucknow, and Gaya over the money laundering case probed against an app-based token named HPZ and related entities. The case is based on an FIR filed in October 2021, registered by the Kohima police’s cybercrime unit in Nagaland.

According to the ED, the HPZ token was an app-based token that lured victims to invest in the company, promising a doubling of their investments and large gains to the customers against investments by investing in mining machines in bitcoins and other cryptocurrencies.

“Payments were received from users through UPIs and other payment gateways/ nodal gateways/ individuals. Part amount was paid back to the investors and remaining amount was diverted to various individuals and company accounts through various payment gateways/ banks from where partly it was siphoned off in digital/virtual currencies. After that, the fraudsters stopped the payments and the website became inaccessible” states the ED.

Allegedly, the companies sourced the personal data of the victims at the time of downloading the loan apps even when their interest rates were “unsurious”. ED thus initiated a probe under the criminal sections of the PMLA after many debtors reportedly ended their lives. The debtors were being harassed and threatened by these loan app companies over the personal data available on their phones. The ED claims, that one such Loan app entity, labeled M/s Mad- Elephant Network Technology Private Limited in an agreement with X10 Financial Services Limited was operating several loan apps, namely Yo-Yo cash, Tufan Rupees, Coco cash, etc.) Similarly, Su Hui Technology Private Limited, in agreement with M/s Nimisha Finance India Private Limited, had operated loan apps.

In a meeting held on September 8, Finance Minister Nirmala Sitaraman reviewed the issues pertaining to the illegal loan apps. The meeting was attended by top officials from the ministry and RBI officials. It is being decided that appropriate measures shall be taken to check the operations of such apps. 

Payment Gateway Firm Razorpay Loses ₹7.3 Crore in Cyber Fraud Incident

 

The South East cybercrime police are investigating a fraudulent case where a hacker stole ₹7.3 crores over three months by exploiting the authorization process of Razorpay Software Private Limited, a payment gateway company to authenticate 831 failed transactions. 

The fraud came to light when officials of the payment gateway company Razorpay Software Private Limited conducted an audit of the transactions, and they couldn’t accommodate the receipt of Rs. 7,38,36,192 against 831 transactions. 

Razorpay Software Private Limited was founded by Shashank Kumar and Harshil Mathur in 2015. The company offers online payment services that allow businesses in India to collect payments via credit card, debit card, net banking, and wallets. 

On May 16, Abhishek Abhinav Anand, head of Legal Disputes and Law Enforcement at Razorpay Software Private Limited, lodged a complaint with the South East cybercrime police. The police are currently attempting to track down the hacker on the basis of online transactions.
 
An internal probe has revealed that some person or persons have tampered with and manipulated the authorization and authentication process. As a result, false ‘approvals’ were sent to Razorpay against the 831 failed transactions, resulting in a loss amounting to ₹7,38,36,192. The company provided details of the 831 failed transactions, including date, time, IP address, and other relevant information to the police. 

"Razorpay's payment gateway is at par with the industry standards on data security. During a routine payment process, an unauthorized actor(s) with malicious intent used the browser to tamper with authorization data on a few merchant sites that used an older version of Razorpay's integration, due to gaps in their payment verification process. The company has conducted an audit of the platform to ensure no other systems, no merchant data, and funds, and neither their end-consumers were affected by this incident,” Razorpay’s spokesperson stated. 

According to the ministry of electronics and information technology (Meity), between 2018 and 2021, there was an over a five-fold jump in the number of cybercrime and fraud incidents recorded by the government. 

Basically, the number of incidents surged from 208,456 in 2018 to 1,402,809 in 2021, as per the Data available with the Indian Computer Emergency Response Team (Cert-In). Indian Computer Emergency Response Team is the government agency for computer security.