The SIT could be a political tool to rein in the BJP's opposition and even arm-twist the Union government and the probe agencies under it.
Published Jul 08, 2023 | 11:00 AM ⚊ Updated Jul 08, 2023 | 11:00 AM
The Bitcoin case during BJP regime is being re-investigated by CID. (Sriki alias Srikrishna, hacker, and former CM Bommai)
It was a series of daring capers, involving hacking gambling websites and even government e-portals, and living it up with the ill-gotten wealth.
Then, as it all fell apart for prime accused Srikrishna aka Sriki and others, the Central Crime Branch (CCB) of the Karnataka police probed the case, recovered quite a bit of the stolen money — a significant part of it in Bitcoin — and, for all intents and purposes, seemingly brought the case to its logical conclusion.
It even filed a charge sheet in court in what came to be known as the infamous multi-crore bitcoin scam.
Except, the Crime Investigation Department (CID) in Karnataka, in a separate charge sheet in another case against the same accused, pointed to gaps in the CCB’s investigation process.
Now, the Congress has returned to power in Karnataka and has set up a Special Investigation Team (SIT) to probe the case again. It was, after all, a poll promise, as current Home Minister G Parameshwara said.
“Along with the SIT, if any technical assistance is required, we will issue orders for that as well. We will do things within the framework of the law. The probe that was hushed up earlier will be carried out again to find the truth,” the home minister stated.
Karnataka police chief Alok Mohan briefed the new SIT members — headed by Additional Director General of Police (ADGP) Manish Khabirkar on Tuesday, 4 July, about how to go ahead with the investigation.
This time, the very CCB sleuths who conducted the earlier probe will also be under the scanner.
The needle of allegations also points at former chief minister Basavaraj Bommai, who was the home minister when the scam unfolded and the probe was conducted.
“According to the government order, this SIT under the CID has been formed for further investigating the Bitcoin scam as it has national and international ramifications,” ADGP Khabirkar told South First.
The earlier investigating team — the CCB — had its own limitations by way of geographical boundaries and jurisdictions, but the CID could probe further than those limits, he noted.
He added: “However, we will have to seek the court’s permission to re-investigate the case. We will proceed based on the court order’s sections under the CrPC.”
Khabirkar also told South First that no fresh FIR will be registered.
At the centre of the Bitcoin scam is Srikrishna Ramesh alias Sriki, a hacker who was aged a mere 25 when Bengaluru’s CCB police arrested him and his associates in a narcotics case in November 2020.
Sriki was accused of procuring drugs using Bitcoin — the world’s best-known cryptocurrency — via the dark web, which noted cybersecurity firm Kaspersky describes as “sites that are not indexed [by search engines] and only accessible via specialised web browsers”.
When Sriki was caught in end-2020 for peddling these narcotics to high-profile clients, it was not his first run-in with the police.
Srikrishna first appeared on the police radar in 2015, when he was arrested in connection with a bank account hacking case. However, he was granted bail quickly.
The police said the fact that he was not monitored after this case emboldened him, and he ended up racking up multiple cybercrimes and drug peddling charges over the years.
In February 2018, he was named as one of the accused in a pub brawl case involving Shantinagar MLA and Congress leader NA Haris’ son Mohammed Nalapad Haris. Nalapad is currently the state president of the Congress Youth Wing.
Srikrishna was charged with attempted murder as one of the aides of Nalapad, but went absconding.
While the rest of the accused went to jail, Srikrishna was at large till the time he got anticipatory bail. The police could not trace him since he didn’t use a mobile phone.
When Srikrishna was arrested again in November 2020 in the narcotics case, it opened up a Pandora’s box of murky cybercrimes.
Police sources said he remained distant from his family. He did not have any intimate relationships. His focus was on making money and consuming drugs.
He used to be hired by influential people for his expertise in cybercrime. Unfortunately for them, he created a detailed digital track of every exchange and interaction with them.
If he went down, he would take everyone down with him, recalled a senior police officer who interrogated Srikrishna in a cybercrime case.
On 17 December, 2019, a financial consultant of the e-Procurement Cell, Shylaja SK, lodged a complaint with the CID’s cybercrime police station in Bengaluru.
According to her complaint, she came across unauthorised fund transfers to the tune of ₹7.37 crore while verifying Earnest Money Deposit (EMD) refunds.
Investigations revealed that ₹1.05 crore was illegally transferred to bank accounts in Uttar Pradesh and Maharashtra. In all, a total of ₹11.55 crore had been siphoned off from the online portal of the Centre for E-Governance under the Karnataka government.
Based on her complaint, an FIR was registered and the CID sleuths initiated an investigation.
However, it was only in November 2020, when Srikrishna was arrested in the aforementioned narcotics case, that the police learnt that he was the mastermind behind the alleged hack.
Interrogating him in the narcotics case, the CCB claimed to have recovered 31 Bitcoin — valued at ₹9 crore back then — from Srikrishna. This claim was later retracted.
It may be noted that each Bitcoin was trading at around ₹13-14 lakh towards the end of November in 2020. It reached its peak — around ₹47.88 lakh apiece — in November of the next year, before crashing. On 6 July, its value was down to a little over ₹25 lakh.
It may also be noted that Bitcoin has for quite some time been the favoured mode of payment for hackers and scammers because of its decentralised and anonymous nature, which makes it hard to track. The fact that there is no regulatory framework to control it only adds to the lure.
It is also the preferred currency for dealers of contraband in the aforementioned dark web.
Sriki’s legal counsel, senior advocate Dayanand Hiremath, told South First that there are at least nine cases registered against him, and it is less likely that a new FIR would be registered as most of these cases have been investigated and even charge sheets have been filed. They are in various stages of progress.
“One case for a vandalising and assault at a star hotel, two other cases including the narcotics case registered by the Central Crime Branch police, and six other FIRs — including the ones at the Kempegowda Nagar and Cottonpet Police Stations — were registered against him and investigated,” he noted.
“Sriki has been granted bail in all these cases, and he appears before the court diligently whenever it is required. He is not in touch with me, and does not share his whereabouts, but his father is in contact with me,” he added.
“He is very smart. He looks up his court dates and appears before the judge without advocates. According to me, he thinks 10 times faster and is ahead of a normal person,” Hiremath told South First.
The case that brought Sriki to the spotlight was the FIR registered against him based on the complaint of the financial consultant of the e-Governance portal. The case was probed in detail, and the preliminary charge sheet was filed on 9 December, 2021.
According to the facts of the case, Sriki and his associates Suneesh Hegde and Prasidh Shetty conspired to hack the portal belonging to the e-Procurement Cell to alter bids posted by vendors and siphon off money.
Sriki successfully hacked the portal belonging to the Karnataka government using the jsp.spy hacking tool — a trojan, which is a virus that is downloaded as a legitimate program before beginning its illegal activities.
This specific tool can be used to spy or record Java Server Pages (JSPs), which themselves are used to create responsive websites.
Sriki allegedly used this tool to modify the database of the portal by altering the EMD refund instructions and — in the first incident — siphoned off ₹1.05 crore on 1 July, 2019, to the bank account of Nimmi Enterprises, owned by one Vinit Kumar, who is also an accused in the case.
The charge sheet stated Srikrishna created an online account on a messaging portal called Wickr with the username “dicerhash2”.
He then contacted another associate, Sushil Chandra, through messaging groups. Based on the instructions of Sriki, Sushil Chandra opened a user account on Wickr with his email address letsbizgain@gmail.com and started privately chatting with “dicerhash2” about arranging for bank accounts to transfer the funds on a 50-percent-commission basis.
Sushil Chandra later approached Harwinder Singh to arrange for other bank accounts.
On 9 July, 2019, a bank account belonging to the Uday Gram Vikas Sanstha witnessed a deposit of ₹10.5 crore. The proceeds were then passed on to different bank accounts belonging to the accused, the charge sheet stated.
The money eventually ended up with the prime accused duo — Suneesh Hegde and Srikrishna.
Soon after getting the money, Sriki, Suneesh Hegde, and their friends toured several parts of India, including Uttarakhand and Delhi, staying at luxurious hotels, and using other means to blow the proceeds of the crime, the charge sheet stated.
According to it, in a case registered at the Cybercrime Police Station in Bengaluru on a request from the case’s investigating officer (IO) Inspector Nayaz Ahmed, the court ordered searches at 10 addresses in Nagpur in Maharashtra to recover the proceeds of the crime that were parked in several bank accounts.
The charge sheet also mentioned that the petitioner from the government portal filed an application seeking interim custody of the funds frozen by the IO in the case by effecting their reversal from the account of beneficiaries to its account.
Several beneficiaries were named in the charge sheet in both cases.
Beneficiaries named in the charge sheet were Nimmi Enterprises, Harwinder Singh, Amar Narwal, Elegant Enterprises proprietor Vinay Malik, AV Infratech proprietor Amar Narval, KP Atri and Associates proprietor Krishan Pal Yadav, and Gurpreeth Kaur (the first instance).
Beneficiaries named in the second instance were four different bank accounts of Uday Gram Vikas Sanstha, Somanath Sales, JAI Trading Company, Agarwal Enterprises, Prakash Enterprises, Vardhaman Wires and Cables, Global Resourcing, and Abeer Steel.
The IO testified in the court that the fraudulent transactions worth ₹1.05 crore and ₹10.50 crore occurred on 1 July 2019, and 10 July, 2019, respectively.
It was a little before this time — March 2021 — that the Enforcement Directorate (ED) was approached to probe money-laundering charges.
In August of that year, the ED said in a statement that ₹1.44 crore lying in 14 bank accounts had been provisionally attached as part of its investigation in the case.
During the course of the ED investigation, it came to light that someone — Sriki, as it turned out — had hacked the Karnataka government’s e-governance portal.
Funds to the tune of ₹10.5 crore and ₹1.05 crore were diverted to bank accounts of the Nagpur-based NGO Uday Grama Vikash Sanstha and Uttar Pradesh-based proprietorship Nimmi Enterprises, respectively, the ED said in its statement.
Srikrishna was subsequently found to be involved in cybercrimes like ransomware attacks, hacking into Bitcoin exchanges, looting cryptocurrency, money laundering, and cyber fraud.
In 2020, leaders of the Congress — which was then in the Opposition — smelt a rat when it came to light that even while Sriki was in police custody, he had access to a Bitcoin repository in Singapore. Transactions that took place then are in question.
The Congress leaders cried foul and alleged that transactions of up to ₹10,000 crore in Bitcoins involving Srikrishna may have taken place.
Fingers were pointed at several political leaders, and there were apparent attempts to close the case.
The then KPCC working president and former Karnataka home minister Ramalinga Reddy said: “We hear the Prime Minister’s Office has sought details of the Bitcoin case.”
Even Siddaramaiah weighed in. He tweeted: “There is information about the involvement of influential politicians of Karnataka in Drugs & Bitcoin scam. It is concerning that the investigating officers are trying to close the case to help those politicians. @BJP4India govt should not use their power to divert the investigation. They should ensure that the guilty is punished [sic].”
Siddaramaiah even tweeted that Sriki’s life would be at risk for known and several unknown reasons.
Bitcoin scam is an organised ‘White collar crime’.
It is said that all the passwords of the Bitcoin accounts related to the scam are just in the memory of Sriki. It is not written anywhere.
His life will be under risk for these known & several unknown reasons.#Bitcoin
— Siddaramaiah (@siddaramaiah) November 15, 2021
When the then-ruling BJP defended itself, asking why it should refer the case to the ED and other investigative agencies, the Congress sought a judicial inquiry into the matter.
