How India's Delhi police solved the most interesting case of ATM jackpotting

The Delhi police began investigating allegations concerning three huge ATM transactions exceeding millions of rupees. The whistleblowers said that the transactions were carried out on three different days and at three different locations using hacking tools.

To support the investigation of this jackpotting campaign, the whistleblowers provided images captured at the ATMs involved in the suspected fraud. The images show two individuals manipulating the ATM and filling a bag with money.

After mounting a complex surveillance operation, the authorities managed to identify the fraud operators and unravel their mode of operation. Through this operation, local authorities identified the vehicles used by the attackers, obtained the license plates and linked this data to the individuals involved in the fraud, including Krishna Gopal. The police tried to question Gopal at his home, but he had already left.

The car was purchased in 2019, shortly before Gopal was arrested for other criminal conduct. Because of this, the defendant deliberately left his old address and changed his old phone numbers to avoid being tracked.

The traditional investigation was not paying off for the police, so they had to resort to other methods to obtain information. Soon after, a phone number registered at a gas station was identified in the name of Gopal’s wife. The authorities consulted the gas company, which said that it was not possible to hand over its customers' information.

After that, the team worked tirelessly and checked between ten and fifteen gas agency records in order to identify the user behind these attacks. The approach used by the authorities, fully professional and technology-based, helped establish the full identity and current address of the person previously identified as Krishna Gopal.

During a raid on his current home, authorities seized a Raspberry Pi device, two banking skimming devices and some expired debit cards, as well as 4 smartphones and thousands of rupees in cash.
