21,000 SIMs Discovered: CBI Dismantles Massive “Phishing Factory” in Operation Chakra-V

India’s Central Bureau of Investigation (CBI) has announced the arrest of three individuals suspected of orchestrating a large-scale network for distributing phishing SMS messages across the country. According to investigators, these messages were used to lure citizens into a range of cyberfraud schemes—from so-called “fake digital arrests” to credit and investment scams—designed to extract personal and banking information.

Those arrested have been identified as Sonveer Singh, Maneesh Upreti, and Himalaya. As part of Operation Chakra-V, an initiative targeting organized cybercrime groups, the CBI analyzed vast volumes of fraudulent SMS messages received daily by the public and traced them back to a coordinated group operating in the National Capital Region and parts of Chandigarh. Investigators believe the group effectively provided “wholesale” SMS infrastructure to other cybercriminals, who then exploited it to defraud residents across India.

A critical element of the investigation was the sheer number of SIM cards involved. According to the CBI, approximately 21,000 SIM cards were obtained in violation of Department of Telecommunications (DoT) regulations. These SIMs were allegedly managed through an online platform, enabling the mass distribution of messages promoting “attractive” loans, investment opportunities, and other financial incentives. The objective, authorities say, was straightforward: to coerce individuals into surrendering sensitive data and thereby gain access to their funds.

The CBI has also registered a case against a private firm, Lord Mahavira Services India Private Limited. Investigators believe the company played a key role in supporting the illegal system that allowed fraudsters to send vast volumes of counterfeit messages nationwide.

During searches conducted in Delhi, Noida, and Chandigarh, bureau officials reported uncovering a “fully operational” phishing distribution setup. According to the CBI, the infrastructure included servers, communications equipment, USB hubs, dongles, and thousands of SIM cards. Authorities claim this system was capable of transmitting hundreds of thousands of fraudulent messages each day.

In addition to hardware, investigators seized digital evidence, unaccounted cash, and cryptocurrency. The CBI further noted that preliminary findings point to possible assistance from certain telecom partners and their employees, who may have been involved in the unlawful procurement of SIM cards for the scheme. As of now, three individuals have been taken into custody.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy