The case first came to the spotlight in November 2020 when the Central Crime Branch (CCB) allegedly seized 31 bitcoins. The collective worth of these bitcoins was said to be Rs 9 crores.The accused, identified as Srikrishna Ramesh aka Sriki. WHO IS SRIKRISHNA RAMESH? Sri Krishna Ramesh (Sriki), known online as AP. He was born on March 30, 1995 to Gopal Ramesh and Kausalya Ramesh and studied in Kumarans School, Bengaluru. The 26-year-old is accused of hacking “three bitcoin exchanges, 10 poker websites, and four other websites, including Government of Karnataka’s e-procurement website”. He said to the police that he had learnt his basics of hacking from the age of 8 itself. He claims to began learning the programming language Java when he was in Class 4. So this man began learning the coding in class 4 itself. “In Class 4, I learned the basics of web exploitation, Java, Reverse engineering and wrote my first bot for a game called RuneScape. He purportedly composed a program to robotize monotonously tedious errands in the game, in any event, creating a little gain simultaneously. “This was my first attempt at reverse engineering obfuscated games and binary exploitation,” he wrote in his statement to the police. Later in the upcoming years, he joined an Internet Relay Chat (IRC) channel used by a group of black hat hackers (unethical hackers). According to him, he learned hacking from the members of this channel. His assertion is being challenged in a Karnataka court by Sriki’s family, however it proposes he diagrammed a remarkable way as a cybercriminal. Sriki moved on from his unobtrusive ‘RuneScape’ exploits to more genuine hacks in the blink of an eye. “Picking up skills slowly as a script kiddie, I learned the basics of databases, SQL injections, local file inclusions, remote file inclusions, remote code executions, shells, web application exploitation, and source code analysis,” the hacker wrote about his activities during school days. Beginning as a new kid on the block in hacking, throughout the long term he learned refined information in illicit hacking of sites and others. “h4cky0u”, a community of 50,000 members split into two groups during a communal feud which led to the creation of two separate forums: h4cky0u and h4ck y0u•.org. While he was in Class 8 and 9 .Afterward, Srikrishna was advanc ed as the mediator of the channel’s discussion and a director of the IRC network when he was in Class 9. During this time, he started making companions in the global hacking circles, with a large number of them coaching him in monetary hacking. He and his companion ‘Shane Duffy’ (From Sydney, Australia) assumed name ‘ShaneSigex3’/’Sigex’ used to dump data sets and composed a content for checking PayPal account which he used to find usernames and passwords. With this PayPal account checker, they purchased R uneScape accounts on an unlawful gaming gathering called sythe, where individuals used to play exemplary RuneScape (presently known as OSRS or Old S game gold or coins for realchool RuneScape). He used to trade in life money. This was known as RWT (realworld trading). One million gold on Runescape sold for around $35 depending on market fluctuations. They made several thousand dollars from the game by staking, RWT, writing bots (reflection based Java bots) and also colouroriented Al bots which automated tasks in the game and sold the accounts generated by botting and blew it up on our luxurious lifestyle. He said by the time he was in Class 10, he made several thousand dollars along with his friend. While pursuing PUC (PCMB) at Jain College, V.V. Puram, alcohol and consuming various other narcotic substances DMT, 5MeOhe took to smoking cigarettes drinking — marijuana, cocaine, MDMA, LSD, DMT, salvia divinorum, kanna, Ritalin, ayahuasca. By the time he finished schooling, he was earning hundreds of doll ars every month, by hacking into an online game along with a hacker friend from Sydney. It was during this preuniversity (10+2), he learned about Bitcoins. “When I learned about Bitcoins the price was around $100 (per coin),” he wrote in the statement .Taking advantage of the pseudoanonymous nature of bitcoin, a person by the name of “Ross Ulbricht” made the first darknet market from which he initially imported drugs to India. This market was the infamous “Silk Road”. He ordered several packages in two years which all successfully cleared customs. Addicted to the lifestyle of drugs and crime, he picked up the habit of dropping acid at rave parties. The hacker claims that by the end of the two years of college, he was addicted to drugs and left home at the age of 17. “I ran away to the Himalayas at the age of 17 with my friend Rithvik and ended up in Badrinath. A case was registered at Siddapura police station (Missing persons) and Tilaknagar police station (By Rithvik’s mother). Eventually, due to a tec hnical folly, the Tilaknagar Police found us at ISKCON in Mathura and brought us back to Bangalore,” wrote the hacker. On his return, after dropping out of engineering from Bengaluru college, he joined B.Sc. in Computer Science at the Eindhoven University of Technology in Amsterdam. It was here, he learned more about Bitcoins. In Amsterdam, two of his friends started a bitcoin exchange, and working with them, he learned about bitcoin trading, which he later used for hacking into bitcoin exchanges. He extended his organization to a trap of bitcoin brokers in AMS, and alongside Tim Kamer and Edu Driessen began a bitcoin trade called satos.nl which was the main gloriously approved trade to bargain in real money following KYC standards by ABN Amro bank’ s AML head. During his stretch in TU Eindhoven, he met a driver named Walid Attadloui who assisted him with managing in real money trades. The every day turnover was around €50 percent for each. One day, the driver ente100,000 on which the edge was 35 red Sriki’s house illegally and stole his passport, his brother’s passport, 2 laptops, cash in Euros, a hard drive and two cameras. Walid was arrested and produced before the court in NL but Sriki did not receive his laptop back, which had around $3 millio n in BTC. Broke, he started from scratch by further expanding the network of friends to Italy, Switzerland, Sweden, France, and Germany. This network of bitcoin traders quickly allowed him to recuperate from the losses (by marginalized trading) after a ha ck of an exchange (Bitfinex). In 2015, Sriki returned to India and became friends with Nalpad through one Mahish DK, a classmate of Omar Nalpad. He separated from Nalapad after the pub brawl and he became close to Suneesh Hegde and the gang introduced b y Prasiddh Shetty in 2018. He is the most wanted cyber criminal in the country, with four different investigation agencies • • • • Central Crime BranchBengaluru Crime Investigation Department Enforcement Directorate (ED) CBIInterpol probing Karnataka bitcoin hacking and money laundering charges against him. Intriguingly, he managed to walk out a free man more than twice on bail. “There are numerous claims made by Srikrishna. There are claims of hacking a university website to modify marks of st udents but when we checked, the university did not report any such incident. We did not go around trying to verify all the claims,” a police source said. Big scam revealed by his statements ➢ : Srikrishna returned to Bengaluru in 2015 and became friends with Nalapad and was hanging out with that group.And it was in 2018, he had his first brush with the law. On February 18, 2018, Shantinagar Congress MLA NA Haris’ son Mohammad Nalapad was accus ed of brutally assaulting Vidwat Lokanath, the greatgrandson of the late Dewan K. Sheshadri Iyer in Farzi cafe in Bengaluru’s UB City mall. Srikrishna who was by then friends with the MLA’s son was accused number three in the case. While all other accuse d in the case were arrested, Srikrishna managed to evade arrest by changing cities multiple times, before he could get anticipatory bail. In his assertion, Srikrishna then, at that point, drilled down all hacking cases that he has been important for. A s indicated by police researching the case, he informed the police concerning these examples like they were enormous accomplishments of his life. “He began by discussing how he hacked his school site to give intermediary participation to his companions. He underscored the way that he didn’t take any cash for that. He likewise said that he hacked a few sites to get filmtickets and IPL tickets for his companions. Indeed he accentuated that he didn’t take any cash for that,” said a senior Bengaluru cop. “Lik e the majority of the crooks he needs to be renowned and he needs to be known as, as would be natural for him, a cool programmer. The assertion at one point started looking gloating. We are as yet incapable to learn a great deal of cases made by them, wher e he professes to have hacked into sites and servers. Despite the fact that he knows the outcomes of confessing to hacking these destinations, he can’t help himself,” the official added. ➢ “Bitfinex was my first big bitcoin exchange hack; the exchange wa s hacked twice, and I was the first person to do so,”during 2015 to 2016 hacking of the Bitcoin exchange. Around 120,000 bitcoins, which was about $72 million at the time, were stolen from Bitfinex in August 2016 based in Hongkong. “The second instance wa s a simple spearphishing attack that led to two Israeli hackers working for the army getting access to the computers of one of the employees, which gave them access to the AWS cloud account,” he wrote about the hack. News reports from Israeli media in Ju 2016 Bitfinex heist. ➢ ne 2019 stated that two Israeli brothers were arrested for the The second hacking is considered one of the biggest bitcoin heists ever. Srikrishna, who is accused in multiple hacking crimes in Bengaluru, including a Rs 11.5 state government’s eprocurement cell in 2019. SEVERAL HACKING CRIMES : Bitclub Network– crore h eist from the He hacked into Bitclub networks trade servers in 2017, gained admittance to fundamental servers, and pulled out around 100BTC. PPPokerHe hacked th is Chinese site in 2017 and 2018 and gained admittance to the information base through the administrator board. RuneScape.comAs a high schooler, he hacked into this game and sold gold on the game for cash on PayPal and Liberty Reserve, which is a nowol d site, as the proprietor of the site was capturedfor tax evasion and flawed KYC strategies. $1 million from this game was spent on lodgings and companions. GGPokerHe said he endeavored to hack this site at the command of Sunish Hegde, who compromised him with desperate results assuming he neglected to wrap up the task. Being the top poker site around the world at that point, outperforming even PokerStars, the undertaking was extensively troublesome, he said. At the point when the task was finished, Sunish went to prison. These are only a couple of cases; he has a few other hacking violations to his name. BTC e.com”This was a significant monetary benefit for me, the proprietor of this dead trade is sitting in prison in France forthcoming removal to the US,” he said. He created a gain of $3 million from this.$3.5 He was then captured in the medication case, yet this messed everything up. The Bengaluru Pol ice observed Srikrishna was engaged with numerous different violations in the city. Besides, a CID cybercrime cell test that was in progress simultaneously into the eobtainment cell hacking additionally uncovered specialized proof connecting him to the wr ongdoing. The police then, at that point, professed to have recuperated 31 bitcoins esteemed at Rs 9 crore from the supposed programmer. In any case, it is affirmed that Srikrishna had deceived wrongdoing branch authorities into accepting he approached bit coins that were really in return and not in his ownership, which prompted the case of the recuperation of bitcoins. How it works as per S riki : “In my manner of hacking, I exploited a bug in the datacenter, which gave me KVM (kernel virtual machinbased e) access to the server. I rebooted the server into GRUB mode, reset the root password, logged and reset the withdrawal server password and routed the money via bitcoincli to my own bitcoin address,” he claimed. According to Srikrishna’s statement, he m ade an approximate “profit” of 2,000 bitcoins “from the Bitfinex hack and blew the entire amount on a luxurious lifestyle”The chargesheet also includes bills running into several crores from multiple star hotels in Bengaluru and cities across India. The price of bitcoin was around $100 to $200, which was split with my friend Andy from the UK,” he stated. His claims and police verifications: The police have not yet been able to verify Srikrishna’s Bitfinex hacking claims as no international agency or In terpol has reached out to them in connection with the case. Sources said central agencies such as the ED, which is also investigating him, and CBI have been alerted to the international nature of the hacker’s crimes. According to Srikrishna’s statement, h e was in the Netherlands when the Bitfinex hacking happened in 2015. It occurred after he reportedly lost bitcoins worth $3 million after his laptop was stolen by an associate. “A network of bitcoin traders quickly allowed me to recuperate my losses by mar ginalised trading after a hack of an exchange (Bitfinex),” he said. While Srikrishna has not claimed any link to the 2016 hack at Bitfinex exchange, nearly 12,000 bitcoins of the 120,000 bitcoins which were stolen were moved for the first time on April 14 this year while the hacker was still in prison. ”He was involved in stealing small numbers of Bitcoins and not any major thefts,” a police source saidOne of the other claims made by Srikrishna to the police is that he hacked a second exchange called BTC e.com and stole 3,000 bitcoins. “There are numerous claims made by Srikrishna. There are claims of hacking a university website to modify marks of students but when we checked, the university did not report any such incident. We did not go around trying to verify all the claims,” a police source said. Sriki also admitted he had hacked into the Karnataka government’s eprocurement portal in 2019 and had made three separate transfers. “Two of the accounts were given to me by one Hemanth Mudappa to transfer Rs 18 crore and Rs 28 crore. Hemanth claimed he c ollected Rs 2 crore from one Ayub, whom I do not know. However, the CID claims that Rs 11 crore was collected byHemanth Mudappa. The second transfer of Rs 28 crore was refunded as the government learnt about the dubious nature of the transaction,” added S riki. The hacking claims have, however, resulted in a political furore in Karnataka, with the opposition Congress leader Siddaramaiah raising questions on what happened to the bitcoins that Srikrishna claimed to have stolen. Sources in the police denie d any wrongdoing in dealing with the hacker’s illegal activities. “Everything he told the police has been recorded and placed in court,” a source claimed in response to questions over alleged disappearance of bitcoins that Srikrishna claims to have stolen. Incidentally, in his statement Srikrishna suggests that he was aware as a hacker that stolen cryptocurrency transactions can be tracked by blockchain tracing experts. The statement suggests he was aware of obfuscation tactics employed by hackers to cover their tracks while handling stolen bitcoins. Sriki’s statement to police indicated he has been involved in hacking crimes even in 2016. Sriki has admitted to hacking Bitcoin and cryptocurrency exchanges and websites. He claimed to have hacked a cryptocur rency exchange in August 2016 — that of Bitfinex, which was registered in the British Virgin Islands. It was reportedly hacked on August 2, 2016, when 1,20,000 bitcoins were stolen). Sriki claims to have taken 2,000 Bitcoins. He also stole 3,000 bitcoins aft er hacking cryptocurrency exchange BTCe (a Russian portal that was shut down in 2017). Besides this, he said he hacked Bitstamp (a Luxembourg based bitcoin exchange), BitCentral (a cryptocurrency portal), Slushpool (a Bitcoin mining pool), ESL (a cryptoc urrency coin), Paytiz and Mpex (both cryptocurrency exchanges), but did not disclose the quantity stolen. He also reportedly hacked various Bitcoin stock trading platforms — Havelock Investments and Bitcoin Exchange BTC2PM.me — as well as websites and companie s like RuneScape, Tip.It, Sythe, GGPoker, CCI Panama, Pokerbazi (Indian entity) to earn millions of dollars illegally A senior CCB official said that when they got the custody of Srikrishna, they didn’t know they had an infamous hacker under arrest. “It w as when we were trying to find out how he was using bitcoins to buy drugs, we came to know about all the hacking cases he was part of. If it wasn’t for that drug case, we would have never found this hacker,” said the police.Sriki’s networks and his coa ccuses: After the 2018, farzi cafe case, sriki left Nalapad group and made new friends. Robin is a BCom graduate from Goenka College of Commerce and completed his course in 2008. He hails from Kolkata and was looking after his father’s rice mill while pr accountant exams. eparing for chartered In 2016, he began a Bitcoin trading service called Robin Online Services and contacted investors through various portals. His Bitcoin trading account was Robin KDL and he made Rs 50 crores through this service by wa y of 12 per cent commission he took. It was in 2017 when Robin first came in touch with Sriki through bitcoin.com while selling Bitcoins. Sriki introduced himself under the pseudonym ‘Dariel Herman’ and offered to sell 900 Bitcoins available with him, wh en the value of each coin ranged from Rs 1.3 lakh to Rs 4 lakh. In 2017, Shriki asked Robin to sell Etherium tokens, and in turn, they made 30 Bitcoins as a profit. Sriki took 20 coins and gave Robin 10 as a commission. Robin agreed and sold the coins in Sriki. Robin made close to Rs 4phases and transferred the amount to accounts specified by 6 crore through their partnership. In January 2018, Sriki asked Robin to come to Bengaluru and when he stayed at ITC Gardenia for three days , he learnt Sriki was an international hacker. Srikrishna hacked the Bitcoin exchange databases and showed how he had hacked into the Unocoin database and took away many Bitcoins and tokens. Sriki and Robin stayed in touch via Wickr.According to the charge sheet, Sriki introduced Robin to his friends Akeeb, Sonu, Soumya, Mohammed Nalapad and Nafi Mohammed Nasser, when Robin was staying at ITC Gardenia Hotel in Bengaluru. Speaking to India Today TV, Mohammed Nalapad said, “If I say know him. During 2016 l do not know him, it’s a lie. We 2017, he became my brother’s friend and, due to this, he became my friend. As we live in the centre of the city, everybody knows us and that is how we know him. He himself has written in the volunta ry statement that after 2018, he had no relationship with us. Nowhere on the charge sheet is it mentioned that we have done a crime. Also, knowing someone is not a crime.” One day Sriki messaged Robin, saying he was coming to Kolkata by road with his frie would stay at Robin’s place. Robin learnt that Sriki was involved in the pub brawl case. nd and Mohammad Nalapad was in jail. Sriki stayed with Robin for five days and paid for their expenses with bitcoin. They went to Mumbai by car and stayed at ITC Mara tha where Omar Nalapad, the younger brother of Mohammed Nalappad, met them. They were joined by Suhail Rehman. After Omat left, they left for Rishikesh and stayed for 10 days at a hotel and Sriki’s girlfriend Soumya and another friend, Jaggi, joined them. They all travelled the Himalayas and then shift to Manali. Robin returned to Kolkata due to kidney stone problems. A month later Robin travels with the gang to Shimla, Chandigarh and then finally to Delhi. They stay at the ShangriLa where Omar Nalapad is also staying. They had booked a private jet to fly them to Mumbai but since Sriki had no ID, they cancelled it. Sriki and a few others decided to head to Andhra Pradesh for a while.In August 2018, Robin was asked by Sriki to deposit 30 BTC in his ele ctronic wallet as he needed money. Robin then travelled to Bengaluru in December and stayed with Gary AKA Akash Vinod. Robin was introduced to the other accused — Suneesh Hedge, Prasidh Shetty and Sujay Raj by Sriki, and they headed to Goa via Manipal and spent time at the Taj. Suneesh paid for these expenses. While his friends played poker, Sriki hacked games to help them win money. They stayed in Goa for 10 days and then Robin went back to Kolkata. In 2019, Sriki again called Robin to come over to Goa and said that he had hacked into Coineal Etherium coin exchange and sent 450 coins and 60,000 worth of USDT to Robin’s wallet. On August 13, 2020, Robin along with Suneesh Hedge, Prasidh Shetty, Suresh, Sujay Raj and Sriki stayed at the Prestige Golfshire in Bengaluru for 30 days. Sriki then hacked the GGPoker gaming site and the entire group took part in this crime. But when Sriki did not agree to share the booty, the friends hatched a plot to get the money. But Sriki escaped. Robin claims he even booke d a chartered flight for SriKi when he was on the run in the 2018 Mohammed Nalapad ‘Farzi Cafe’ assault case. According to the charge sheet, Sriki sent 130 BTC to Robin from 2017 till December 20, 2020, which Robin sold and transferred Rs 3.48 crore to mu ltiple accounts given to him by Sriki. Abishek Jain from Hyderabad had converted the Bitcoins for Sriki into cash and sent Rs 1.5 crore via the hawala route. The total amount was now Rs. 4, 98, 62, 590. Suneesh Hegde, a civil engineer and class1 contrac tor with the BBMP (alumni of Ramaiah College) in his statement said he had come in contact with Sriki in 2016 everything for Sriki, from his food and lodging to his Bitcoin dealings. He said Sriki and the other accused lived in luxury17 and Robin handled hotels. Sriki claimed to have hacked and stolen several Bitcoins and promised to give them to Suresh, who spent over Rs 2 crore to foot Sriki’s gribills. He said Sriki and other accused lived in luxurious hotels such as ITC Gardenia, Four Seasons Hotel, Shan La, Gokulam Grand and threw parties at his flat.It was during this time that Sriki would hack into poker websites such as Delhibased PokerBaazi. He also hacked into Unocoin where Bitcoins are traded. “He claimed to have hacked and stolen several Bit coins and promised to give them to me. So, I looked after all expenses of Sriki. Till now, I have spent over Rs 2 crore on him,” Suneesh claimed in his statement. Eventually, the two reportedly fell out as Sriki did not deliver on the promises he made. Suneesh claimed that in 201617, one of Sriki’s friends identified as Shiva from Tamil Nadu was involved in a financial fraud with PokerBaazi. Sriki had hacked the we bsite and transferred money to Shiva. A notice was sent by PokerBaazi CEO Navkiran Singh to Shiva and Suneesh brokered a truce between them. This did not stop Sriki. He continued to hack PokerBaazi and Cashfree Payment Gateway (supports instant refunds v ersus the industry standard of refunds in five to seven working days). He made Rs 50 lakh from this, claimed Suneesh, and distributed the amount among his aides Deepak, Raju Gowda and Yashas Gowda. PokerBaazi CEO Navkiran Singh reported the hack to the c yber crime police in Bengaluru. Once again, Suneesh was roped in to broker a truce. However, in this case, Raju Gowda and Deepak were booked and sent to jail while Yashas turned an approver. While all this happened, Sriki escaped to Goa where he asked Sune esh to contact PokerBaazi CEO Navkiran Singh. Sriki told Suneesh said that he needed to meet Navkiran Singh in Goa promising that he would fix all the lapses in their poker website and app. According to Suneesh, senior management officials from PokerBaaz i arrived in Goa and met Sriki at a villa near the Anjana beach. Here, they paid him Rs 50 lakh which the entire gang then used to party. In 2019, Sriki decided to convert all his Bitcoins into cash, worth Rs 3 crore. He needed an account to encash his money. So, Suneesh brought in another accused Hemanth to do the job. After he transferred his money to Hemanth’s bank account, Sriki told Suneesh 10 days later that he had hacked into the BBMP eprocurement portal and hacked Rs 10.50 crore. This money was then transferred to Hemanth’s account. Sriki then told Hemanth to give him half of the amount, Suneesh claimed in his statement.The group then headed back to Bengaluru and began hacking poker websites. Suneesh claimed that they would book rooms in luxurio us hotels where Sriki would tell them which cards their opponents have and thus help them win. This money would then be spent on parties. While Suneesh and other would go home, Robin and Sriki continued to stay in the hotel. This did not stop Sriki. He continued to hack PokerBaazi and Cashfree Payment Gateway (supports instant refunds versus the industry standard of refunds in five to seven working days). He made Rs 50 lakh from this, claimed Suneesh, and distributed the amount among his aides Deepak, Raju Gowda and Yashas Gowda. PokerBaazi CEO Navkiran Singh reported the hack to the cyber crime police in Bengaluru. Once again, Suneesh was roped in to broker a truce. However, in this case, Raju Gowda and Deepak were booked and sent to jail while Yashas turned an approver. While all this happened, Sriki escaped to Goa where he asked Suneesh to contact PokerBaazi CEO Navkiran Singh. Sriki told Suneesh said that he needed to meet Navkiran Singh in Goa promising that he would fix all the lapses in their poke r website and app. According to Suneesh, senior management officials from PokerBaazi arrived in Goa and met Sriki at a villa near the Anjana beach. Here, they paid him Rs 50 lakh which the entire gang then used to party. In 2019, Sriki decided to convert all his Bitcoins into cash, worth Rs 3 crore. He needed an account to encash his money. So, Suneesh brought in another accused Hemanth to do the job. After he transferred his money to Hemanth’s bank account, Sriki told Sun he had hacked into the BBMP eeesh 10 days later that procurement portal and hacked Rs 10.50 crore. This money was then transferred to Hemanth’s account. Sriki then told Hemanth to give him half of the amount, Suneesh claimed in his statement. The group th en headed back to Bengaluru and began hacking poker websites. Suneesh claimed that they would book rooms in luxurious hotels where Sriki would tell them which cards their opponents have and thus help them win. This money would then be spent on parties. Whi Suneesh and other would go home, Robin and Sriki continued to stay in the hotel le .Sri i is now charged for hacking the particular website. In his statement, SriKi said Suneesh earned k his loyalty and respect “since he seemed like a guy who could be trus know that there lived a demon inside him waiting to extort the living hell out of me”. ted,” but adds: “little did I SriKi has also been chargesheeted for cheating an individual taking money promising bitcoins in return and failing to deliver. According to the charge sheet, he also hacked online game sites, including PokerDangal, PokerBaazi, GGpoker, PPpoker, SwC Poker, BitStarz and Spartan Poker. He used to make his friends play poker on these sites, while Srikrishna would hack the sites to see Opponent’ During these hacks, he had lived in a fives cards. star hotel in Goa for over a month, said Khandelwal in his statement. Similarly, when he was on the run after the assault case in Bengaluru, Srikrishna spent ₹11.80 lakh on a private jet for his travel, r ead the statement. But for Srikrishna, his downfall didn’t begin with the hacking or his involvement in the brawl in 2018. It was his drug addiction that got him behind the bars. In November 2020, officers of the Central Crime Branch were on the looko ut for drug peddlers in the city, as part of the Home Minister’s orders to crack down on the drug mafia in the city. Based on a tipoff, police approached one Suneesh Hegde who was procuring hydro marijuana through dealers on the darknet. During the ques tioning Hegde admitted that it was Srikrishna who was helping him procure the drugs. Srikrishna who has been purchasing drugs from the darknet for several years had helped Hegde purchase as a favour. Two other cases have been filed against Srikrishna — on e by Pacific Gaming Pvt Ltd about the hacking of its online gaming apps (Cyber Crime police station Cr No 45/2020 U/s 66(c), 66(d) IT Act) and the other by a complainant alleging the accused had cheated him of Rs 28 lakh after promising to give him bitcoin s (Ashoknagar police station — Cr No 287/2020 U/s 46, 420 of IPC). Charge sheets have been filed in these two cases which are now pending before the court HACKED KARNATAKA EPROCUREMENT SITE IN 2019 . Srikrishna Ramesh said he hacked into the Karnataka government’s eProcurement site in 2019. He said, “I exploited a remote code execution vulnerability and got access to the bidder informationand downloaded all the files relating to the bids happening at that moment. The hack allowed me to download excel files containing the transaction details, bid reference, payment amount, IFSC codes, account numbers of bidder, etc.” “We hacked this site in 2019 and made three separate transfers. Two of the accounts wer e given to me by Hemanth Mudappa for a total of Rs 18 crore in one account and Rs 28 crore in the other. Hemanth claimed he collected Rs 2 crore from an entity called Ayub, whom I do not know. However, the CID claims that Rs 11 crore was collected by Heman th Mudappa.” “I initiated the second transfer of Rs 28 crores while sitting in the Himalayas Ananda spa and resort as per the instructions of Sunish Hegde. This transaction was presumably refunded because the government apparently got to know about the dubious nature of the transaction. I did not earn any profit from this; however, I did enjoy the proceeds of the crime by living in 5star hotels and enjoying a luxurious lifestyle from the proceeds of the same.” Political storm : “In chargesheet fi led by CCB police, it is recorded that the accused looted 5,000 bitcoins through unethical hacking. Who holds these bitcoins now? Have they got it transferred to accounts of investigating agencies? Or are they clueless?” Siddaramaiah said on social media a while insinuating at involvement of politicians in the case.few days ago An activist from the Citizen Rights Foundation, K A Paul, has written to Karnataka High Court, seeking a court monitored probe into the hacking activities which have national and i ramifications. nternational Days after AICC spokesperson Randeep Singh Surjewala demanded a Supreme Courtmonitored SIT probe into the scam, demanding to know the “role” of the incumbent chief minister when he was the Home Minister and alleging senior BJP leaders, their family members and senior officers were involved in the scam, Bommai launched a direct attack on the Siddaramaiah government for failing to arrest Srikrishna. The BJP has now linked Siddaramaiah’s late son Rakesh Siddaramaiah by posting a picture of Rakesh with Hemant Muddappa and Suneesh Hegde, who are known to have links with the kingpinSriki. The Congress party has a lot to worry about as both Sriki and his associate Robin Kahndelwal’s statements establish their links with Mohammaed Na Nalappad. lapad and his brother Omar Apart from questioning the police hiding information about Srikrishna to central agencies, the Opposition has also alleged that ₹9 crore worth of bitcoins seized from the Srikrishna following his arrest in November 2020, was not shown in the charge sheet o the court. r the evidence submitted before Even as the Congress upped its ante against the chief minister, Surjewala demanded to know who were the “actors” in the scam. “Were the stolen bitcoins transferred from the wallet of alleged hacker Sri Krishna? How many bitcoins and of what value? How does the Bengaluru police then suggest (in its third Panchnama dated 22nd January 2021) that the 31 and 186 Bitcoins allegedly transferred to [a] police wallet were lost or were found to be fake transactions?,” aske d Surjewala, who also cited a Twitter handle named “Whale Alert” that showed the transfer of the 14,682 stolen Bitfinex bitcoins valued at Rs. 5,240 crores on December 1, 2020, and April 14, 2021 when Sri Krishna was in police custody. Surp — the dates risingly, Bengaluru police commissioner Kamal Pant also issued a clarification denying the “distorted” versions being reported in the media. Pant put on record that Srikrishna was one of the 10 accused arrested by the CCB police, who had secured one perso n on November 4, 2020, in connection with a drug consignment procured through Darknet. The police had seized 500 gm of Hydro ganja and a case was registered at K.G. Nagar police station under Cr No 91/2020 U/s 20(b) NDPS Act. During interrogation, Srikrish na had confessed before the investigation officer about his involvement in the alleged hacking of many cryptocurrency websites and a complaint was registered in Cottonpet police station Cr No 153/2020. “No bitcoin was transferred from hacker Srikrishna ’s account…For the purpose of investigation, following a government order (dated December 8, 2020) a bitcoin account was obtained. The accused had showed a BTC wallet with 31.8 BTC and the wallet password was changed in the presence of cyber experts and panchas and the recording of the process was submitted to the court. But after the court granted permission to transfer the bitcoins to the police wallet , the police found just 186.81 Bitcoins. The cyber experts told us the account claimed by the accused as his personal account was in fact a live wallet of an exchange and the accused charge sheet did not have the private key for it. So, the account was left untouched. The charge sheet has the above facts and is now subjudice,” stated Pant. “The matter w added Pant. as informed to the CBI Interpol on April 28, 2021 and to the ED March 3, 2021,” The top cop of Bengaluru also admitted that Srikrishna had submitted before the court that he had consumed Alprazolam drug while in police custody. The court ask ed the IO to collect the blood and urine samples of the accused at Victoria Hospital. On January 12, 2021, the IO had brought the accused to Victoria hospital but as the tests could not be done there, the court redirected him to Bowring hospital where the sample was collected and sent to FSL for scientific examination. The FSL report says there was no presence of drugs in the sample. Meanwhile, Srikrishna’s father Gopal Ramesh has filed a writ petition on February 5, 2021 before the Karnataka High Court seeking transfer of all the cases against his son to the CBI, alleging the CCB investigation has been “tainted” and done with “malafid e intention”. In his appeal, Gopal Ramesh alleged his son had been administered excessive “mindaltering drugs” specifically Alprazolam, a prohibited drug, while he was in custody and sought cognizance to be taken against all officials under the NDPS Act. He also sought the examination of the blood and urine samples of his son for traces of Benzodiazepine. Sriki’s father had appealed that his son had been drugged in custody and Sriki had admitted to have consumed drugs while in custody before the magistr explain the fiveate. Now, the police (government) should day delay in carrying out Sriki’s urine and blood test results. The Bangalore Medical College and Research Institute which was directed to conduct the tests carried out a stomach wash to rule out po isoning, before testing the samples for traces of drugs, which wasuncalled for,” alleged Congress MLA Priyank Kharge, who produced documents to substantiate his claim. The BJP now fear the alleged scam will bring disrepute not only to the party and but dent Prime Minister Modi’s image globally. could also The Congress party which outlined the scam during a press meet stated that Sriki, who was arrested in the drug case along with his associate Robin Khandelwal, was kept in police custody for more th an 100 days by repeatedly extending his custody by slapping different cases. He was released on bail on April 17, 2021. But despite the accused claiming to have been involved in international hacking before the Metropolitan Magistrate in Bengaluru in Decem ber 2020, the Karnataka government did not inform Interpol for over five months and the Bengaluru police commissioner wrote to the Interpol Liaison Officer (CBI) asking to inform Interpol and other agencies only on April 24, 2021. “The BJP government did not inform the ED, CBI and SFIO too. The current chief minister Basavaraj Bommai, who was the incharge Home Minister between August 20, 2019, and July 28, 2021,” charged Surjewala. Commenting on this, higher education, IT & BT minister Dr CN Ashwath Na rayan said, “We have nothing to do with this. The allegations are motivated. The entire hacking scam is being investigated by not just state police, but also by the central agencies like IT and ED. The truth will come out, once the investigation is over.” But as the bitcoin scandal is becoming a political tug of war, the concerns for the hacker are increasing. In a petition filed before the court, the hacker’s father Gopal Ramesh has claimed that his son was drugged by police while he was in custody. HT accessed the petition filed by the Srikrishna’s father, which read: “…application was filed by the petitioner being the father of the accused that he has credible and reliable information that the respondents (police) at the behest and unlawful orders hav e been administering the Petitioner’s son Srikrishna with excessive mindaltering drugs specifically Alprazolam which is a prohibited drug and therefore, sought cognizance be taken against all officials who have committed various offenses under the NDPS Ac t as also under the IPC.” He further claimed that even though the magistrate ordered a scientific examination of the hacker’s blood and urine samples, police conducted a stomach wash done on him, defying the order. The opposition also produced a document from Victoria Medical College that read that stomach cleaning performed “to rule out poisoning”. Jan dhan alone : Former Karnataka Chief Minister HD Kumaraswamy alleged that the accused in the Bitcoin scam hacked into Jan Dhan accounts and transferred 6,000 crore Rs 2 from each account, amounting to about Rs “I have been told that hacking of Jan Dhan accounts happened. Rs 2 per Jan Dhan account was hacked and transferred. I don’t know how true it is. It is worth Rs 6,000 crore. This is Jan Dhan alone,” Kumaraswamy said. Kumaraswamy also said that there were se government. rious doubts about attempts of a cover up by the BJP Bitcoin, a cryptocurrency, is not recognised as legal tender in many countries, including India. The Bitcoin scam has jostled the Karnataka government. The case took a political turn after it involves some BJP politicians. Congress accused the government is hushing up the scandal as Congress general secretary Randeep Singh Surjewala alleged in a press conference in Delhi on Saturday that the size of the scam could be much bigger because just on two days on December 1, 2020 and April 14, 2021 illegal transactions worth Rs 5240 crore took place.He posed a series of questions to Prime Minister Narendra Modi and asked what was the role of Karnataka Chief Minister Basaravaj Bommai, who was the state’s home minister when the scam took place. Bitcoin scam: Cops to provide gunman to accused Sriki, but there’s no trace of him We tried calling him on his mobile phone, but it was switched off. We went to his house again on 17th of December , but it was the same story said the police. The main accused in the Bitcoin scam, Sri Krishna alias Sriki, has gone incommunicado, despite the police deciding to provide a gunman to the hacker, whose revelations have become a political hot potato now. A polic e team visited Sriki’s address on 16th December morning to consider providing him a gunman.“But he was not present in the house and his family members told us that Sriki had not come home for the last few days. They also did not have any clue of his where abouts. “We tried calling him on his mobile phone, but it was switched off. We went to his house again on Wednesday, but it was the same story. We have told the family members to inform us soon after they establish contact with Sriki,” a senior police of ficer said. The police are inquiring with Sriki’s friends to trace him and provide him security as soon as possible. Police Commissioner Kamal Pant too said that a gunman will be provided to Sriki. Monday 15th December,Leader of Opposition Siddaramaiah On had demanded Chief Minister Basavaraj Bommai to ensure adequate protection to Sriki as “many influential people are said to be involved in the scam and hence protecting him becomes necessary”. There were reports on 17th December afternoon that Sriki had b false. een arrested by the police in Chennai, but it turned out to be Sriki’s laptops sent for forensic analysisThe Jeevan Bima Nagar (JB Nagar) police on Tuesday sent Sriki’s four laptops for digital forensic analysis. The JB Nagar police had arrested Sriki and his friend Vishnu Bhat on November 6 in an alleged assault incident at a star hotel. Srikrishna, who was out on bail in as many as seven cases, was arrested again on November 6 from a five-star hotel for allegedly not intervening in a drunken fracas between his friend and a hotel staff member. He was released on bail again .As part of the probe, the police had searched Sriki’s room and seized the four laptops. The police had obtained permission from a city court on November 11 to subject the laptops for forensic analysis, to know whether he is involved in any fresh cyber crimes. “There are almost 20,000 cryptocurrencies in the world and Bitcoin is just one of them. Every day, 10 new cryptos are introduced, but it takes a few years to be listed in the trading platforms. Many fly-by-night MLMs are coming up with their own crypto coins,” warns Joseph. The government’s move to introduce GST for crypto trading through the bill would impact the investor and not help curb hacking, say experts. “A hacker indulging in malicious activity would do it on Darknet. And there are some Telegram groups where you can buy credit card dumps (Card number, CVV, and expiry date) and the database is put up for sale on the Darknet. A barter system also works and hackers can buy bitcoins using the credit card balance of unsuspecting victims (card users),” points out Joseph. The ethical hacker’s community is also keen that India have a hacker-friendly ecosystem. India is coming up with a new vulnerability disclosure policy.
Case Study :
Written By : Ambika R (Internship Trainee)