The accused, Bommaluru Lakshmipathi, from Chittoor in Andhra Pradesh, India claimed to have graduated from a prestigious college and worked in many IT companies in Dubai and Bengaluru before getting into ethical hacking.
According to the police, Lakshmipathi would hack the website of the company, in this case Reward-360,and use all the unused reward points to purchase valuables online. Based on a complaint, the police tracked down the accused and arrested him.
According to DCP South East, C.K. Baba, it all began when Lakshmipathi acquired debit and credit cards from a private sector bank when he was still a student. When the bank denied him reward points during his student days, he ingeniously developed a programme to exploit their servers continuously, acquiring an unlimited number of vouchers. “He then converted these vouchers into a substantial amount of digital currency, which he subsequently invested in precious metals like gold and silver. This breach exposed vulnerabilities in the bank’s systems and server security, highlighting the importance of robust cybersecurity measures in the digital age,” he said.
Using his hacking skills, he stole 600,000 - 700,000 vouchers worth close to $600,00. He purchased 24 carat gold coins and silver articles so that he could sell them to get cash. He planned to relocate to Dubai, said the police.
The accused was living in an apartment in Whitefield and getting ready to leave the country, when the cybercrime police tracked him down. During the course of investigations, the police gathered data on hacking and are planning to prepare a list of advisories for banks and companies to prevent such incidents in future. A senior police officer part of the investigations said that they also found lapses on part of the companies which failed to recognise the breach and hacking activities despite a dedicated team appointed to track down such dubious activities.
The police seized 5.2 kg (11.46 lbs) of gold valuables, 27.2 kg (59.96 lbs) of silver articles, $13,600 in cash, seven two-wheelers, over $31,300 worth of wallet accounts, two laptops, and three mobile phones from him. This is one of the highest recoveries made by the cybercrime police in the recent past, the police said.