A major cyber fraud has rocked Mumbai’s Prabhadevi area, where a hacker breached the Aditya Birla Capital Digital Limited (ABCD) app and illicitly sold digital gold worth approximately ₹1.95 crore from the accounts of 435 customers. The fraudster bypassed security protocols and transferred the proceeds to various personal bank accounts.
Digital Gold Scam Triggers Cyber Probe After API Breach in ABCD App
The incident came to light after numerous customers contacted the company’s call center, reporting that their digital gold holdings were sold without consent. In response, the company filed an FIR with the Central Region Cyber Police, prompting a full-scale investigation by the cyber cell.
According to the complaint filed by Ravindra Rajmal Chaudhary, Head of Fraud Risk Management at ABCD, the company facilitates digital gold transactions through MMTC-PAMP, using Razorpay for payment processing. The fraud occurred through a hack in the API linking the ABCD app to the server at digital.adityabirlacapital.com.
ABCD App Breach: Hacker Bypasses OTP to Sell ₹1.95 Cr Digital Gold from 435 Accounts
The hacker reportedly manipulated transaction protocols and bypassed the mandatory OTP (One-Time Password) verification, successfully selling digital gold from user accounts without triggering security alerts. The breach was discovered by the technical team on June 9, leading to an immediate suspension of the digital gold selling feature.
An internal investigation by the information security team confirmed that digital gold was fraudulently sold from 435 customer accounts. The company submitted detailed technical logs and a list of impacted users to the Mumbai Cyber Cell, which has now initiated a deep forensic and technical probe into the breach.
Fintech Breach Sparks Urgent Call for Stronger Cybersecurity Measures
This alarming incident highlights growing vulnerabilities in fintech applications and the critical importance of robust cybersecurity measures. Investigations are ongoing, and further action is expected as authorities trace the hacker’s identity and digital trail.
Summary:
A hacker breached the ABCD app in Mumbai, bypassing OTP verification and selling ₹1.95 crore worth of digital gold from 435 accounts. The fraud triggered a full-scale cyber probe. Authorities are investigating the API breach as the company urges stronger cybersecurity to counter rising threats in fintech platforms.
