To search out the trail of Bitcoins suspected to have disappeared from the wallets of a world hacker after his arrest in November 2020, a Particular Investigation Workforce has administered scientific tests to a cyber expert who had assisted the Bengaluru police in its investigation.
The SIT carried out mind mapping and polygraph tests on Santhosh Kumar Ok S, the CEO of Group Cyber ID Applied sciences (GCID) who had assisted the Bengaluru Central Crime Department (CCB) police within the investigations in opposition to hacker Srikrishna Ramesh alias Sriki, 29, in 2020, police sources stated.
The scientific tests had been carried out to determine the whereabouts of two of three nano ledgers or {hardware} crypto wallets that had been purchased on the behest of the cyber expert and reportedly used to switch cryptocurrency when Srikrishna was in police custody.
Santhosh Kumar was arrested in February by the SIT within the Bitcoin rip-off and is particularly accused of illegally accessing the crypto pockets of Robin Khandelwal, an accountant and affiliate of Srikrishna, to switch Bitcoin of the worth of Rs 1,83,624 to his personal crypto pockets, following the arrests of the duo in 2020. The transaction was allegedly facilitated by cops who had been investigating the hacker.
In current weeks the SIT has referred to voluntary statements of the hacker Srikrishna and two technical consultants who had been witnesses within the case in 2020 to recommend that CCB cops presumably facilitated the unlawful accessing of crypto wallets containing 4,000 Bitcoins value almost Rs 850 crore belonging to the hacker following his arrest.
Sources stated the SIT carried out the polygraph and mind mapping scientific tests on the premise of courtroom orders and with the consent of the cyber expert. The tests are anticipated to point whether or not the cyber expert has data of the destiny of the Bitcoins discovered with the hacker in 2020.
Narcoanalysis not carried out
Whereas a narcoanalysis take a look at was additionally proposed and cleared, it was not carried out on account of the well being situation of the cyber expert, sources stated.
The SIT has alleged in the course of the earlier bail arguments of Santhosh Kumar and different cyber consultants that the companies of the consultants had been used to delete the bash historical past on the Amazon internet server the place the crypto wallets of the hacker had been situated.
“Because of this essential data on the Bitcoin wallets within the Amazon Internet Server was erased and put out of attain of investigations,” the SIT alleged earlier this yr.
The SIT has additionally discovered that when Srikrishna was in custody, Santhosh Kumar obtained three nano ledgers or {hardware} crypto wallets from Surat by his associates, which got to a police officer Prashanth Babu, who’s an accused within the Bitcoin rip-off.
A big amount of Bitcoins that had been in Srikrishna’s wallets had been transferred to those {hardware} wallets in January 2021, the SIT has alleged. The SIT has reported the restoration of one of the three {hardware} crypto wallets from Prashanth Babu and is in search of to seek out the 2 different {hardware} crypto wallets allegedly used for the switch of the Bitcoins.
“There may be details about the switch of Bitcoins and wallets of Sriki to nano ledgers ({hardware} crypto wallets),” the SIT stated throughout bail arguments in courtroom proceedings.
Cyber expert in investigations
Santhosh Kumar’s companies had been typically utilized by the Bengaluru police in cyber circumstances between 2015 and 2021. Aside from GCID, which he operated in Bengaluru, the cyber expert can be linked to some different corporations in Karnataka. He began an organization known as Geek Studio in Dubai in December 2022 together with a Bengaluru affiliate. “He had labored beforehand in Dubai and had enterprise contacts,” a supply stated.
The Bitcoin rip-off from the BJP tenure of 2019-2023 is broadly believed to have political ramifications. The SIT was constituted in July 2023 by the Congress authorities following allegations of large-scale corruption in dealing with the hacker’s circumstances by the police division underneath BJP rule.
After he was arrested in 2020, Srikrishna revealed to the police, as per paperwork together with his voluntary statements filed within the courts, that he was in possession of a big quantity of Bitcoins. He claimed that the police had pressured him into giving freely the Bitcoins to them.
“I understood the case situation that even when I don’t give them the Bitcoins, they’ll use forensic strategies to seek out the Bitcoins after a chat with the investigating officer. So put up consultations, I voluntarily [agreed] to provide away the Bitcoins which I had stored in numerous wallets in several cryptocurrencies,” reads a press release attributed to Srikrishna which is a component of the chargesheet in a single of the hacking circumstances filed in opposition to him in 2021.
On the time of the hacker’s arrest in 2020, the worth of one Bitcoin was within the vary of $25000 (round Rs 20 lakh) and it soared to as excessive as $60,000 (round Rs 50 lakh) by April 2021.
The SIT has tried to determine the veracity of the allegations made by the hacker that cops took away his cryptocurrency following his arrest.
The SIT has filed a case of destruction of paperwork and dishonest in opposition to officers of the Bengaluru CCB police in reference to the alleged manipulation of digital units seized from Srikrishna and his associates.
Forensic proof
The SIT quoted a digital forensics report from the state forensic science lab dated February 20, 2023, to say that an Apple Macbook and a tough disk seized on November 17, 2020, by the police had been discovered to have been tampered with between November 18 and 20. A second Macbook, seized on November 19, 2020, was tampered with between November 20 and 21, it’s alleged.
Citing a CDAC forensic report dated January 23, 2024, the SIT has said that one of the laptops seized from Srikrishna on November 17, 2020, was used to entry crypto wallets at cryptocurrency web sites and to entry on-line gaming platforms whereas it was in police custody.
The report additionally discovered that anonymising instruments had been used to hide on-line actions, knowledge manipulation, switch of information to exterior units, deletion of historical past—which quantities to tampering of digital proof—the SIT has stated.
The SIT was constituted by the Congress authorities in June 2023 to analyze the alleged Bitcoin rip-off the place cryptocurrency value crores of rupees, allegedly stolen by Srikrishna from worldwide exchanges and gaming websites, had been in flip pocketed by police and politicians after the hacker’s arrest in 2020.
A number of hacking circumstances
Srikrishna is accused of a number of hacking crimes in India too, together with the extortion of cash from gaming websites like Poker Baazi in 2020, the theft of Rs 11.5 crore from the Karnataka e-procurement portal in 2019 and 60.6 Bitcoins value Rs 1.64 crore in 2017 from the Unocoin cryptocurrency trade within the state.
Srikrishna and his accountant Robin Khandelwal had been arrested by the Bengaluru CCB police in November 2020 on fees of shopping for medicine on-line utilizing Bitcoin.
The dealing with of the circumstances involving the hacker by the police underneath the BJP regime in Karnataka after the arrests in November 2020 resulted in allegations of corruption by the Congress when it was in opposition between 2020 and 2023.
There are allegations of police officers grabbing a big cache of Bitcoins that was discovered within the crypto wallets of Srikrishna after his arrest.
After the SIT was constituted two FIRs had been filed in August 2023 and January 2024 with respect to the tampering of proof and alleged unlawful confinement of the hacker and his affiliate by the police in 2020-21.
The SIT has arrested 4 former Bengaluru CCB cops—Prashanth Babu, Chandradhar S R, Lakshmikanthaiah and Sridhar Pujar—within the two circumstances. It additionally arrested Santhosh Kumar, the cyber expert. The cops and the cyber expert have been granted bail by courts.
