Bengaluru: An alleged cryptocurrency scam in Karnataka has escalated rapidly into a raging controversy, with the Congress accusing the state’s BJP-led government of a “cover-up” late last week. Chief Minister Basavaraj Bommai Monday countered that the matter was a “non-issue” that the Congress was trying to rake up for political mileage.
Bommai’s dismissal of the alleged bitcoin scam as a “non-issue”, however, comes barely five days after he discussed the matter with Prime Minister Narendra Modi. “The Prime Minister did not wish to dwell much on the bitcoin issue. However, I myself raised it. The Prime Minister assured me not to bother much on the bitcoin issue,” Bommai told reporters Thursday in New Delhi after his meeting with Modi.
Last month, when Leader of the Opposition in the assembly Siddaramaiah brought up the issue and alleged multi-crore swindling, Bommai had said his government had treated the case very seriously and would not spare anyone involved.
Bommai’s claim this week that the matter is a “non-issue” has immediately led to more pushback from the Congress.
Hours after Bommai’s statement Monday, Siddaramaiah, in a series of tweets, demanded protection for the main accused in the case, a young hacker called Srikrishna alias Sriki.
Bitcoin scam is an organised 'White collar crime'.
It is said that all the passwords of the Bitcoin accounts related to the scam are just in the memory of Sriki. It is not written anywhere.
His life will be under risk for these known & several unknown reasons.#Bitcoin
— Siddaramaiah (@siddaramaiah) November 15, 2021
Siddaramaiah’s statement came in the backdrop of Srikrishna being arrested in a separate case — over a brawl at a luxury hotel— by Bengaluru police on 6 November, only to be released on bail in five days.
The case fuelling the current political sparring, however, dates back exactly a year.
The alleged scam and why it is creating a political flurry
On 9 November 2020, the Central Crime Branch (CCB) of Bengaluru police arrested two people — Hemanth Mudappa and Sunish Hegde — in connection with a drug-peddling case. Police also announced that they had confiscated 500 grams of “hydro marijuana” that was allegedly procured over the dark net using cryptocurrency.
Darshan Lamani, the son of former Congress minister Rudrappa Lamani, was arrested for allegedly harbouring the accused.
The following week, police arrested more persons, including the then 25-year-old Srikrishna and Robin Khandelwal, a bitcoin exchange owner. It was then that police stumbled upon Srikrishna’s alleged history of cyber fraud and ransomware attacks.
While Srikrishna allegedly hacked and stole cryptocurrencies, Robin exchanged them for a commission and deposited money to various accounts, as instructed by the former.
These accounts belonged to Srikrishna’s friends, acquaintances, and business contacts, according to Khandelwal’s statement, a copy of which is with ThePrint.
During the course of the investigation, Srikrishna was booked for five other cases. These included hacking into the Karnataka government e-procurement portal and swindling funds, hacking an online poker site called Pacific Gaming Pvt Ltd, hacking bitcoin exchanges, and cryptocurrency theft. He was kept in police custody until 17 April 2021.
The Congress in Karnataka has since alleged that the BJP government is attempting to cover up Srikrishna’s exploits for kickbacks and to protect people in powerful positions who have benefited from his alleged expertise in cybercrime.
“This is a multi-crore crime. Those in government have received kickbacks in drugs, transfers. There is no proof of government referring the case to the ED [Enforcement Directorate] voluntarily as being claimed by CM Bommai,” Priyank Kharge, Congress MLA and former IT minister of Karnataka, told the media last week.
Bommai’s downplaying of the issue this week has invited further criticism.
“If the bitcoin scam was not important, why was it discussed with the Prime Minister? Why did the CCB issue a press release? Why did a minister hold a hurried press conference at 9pm? Why are BJP leaders uncomfortable? Why aren’t there answers to Congress’ questions? It is this strange behaviour that is giving them away,” Kharge, tweeted Sunday. Last week, Kharge had said that a thorough investigation into the case could lead to a change of Chief Minister in Karnataka.
Bommai, who was home minister when the case first came to light in 2020, has also confounded some BJP leaders.
“If the PM has asked for the ED to investigate the matter, that means something has gone wrong somewhere. As the party in power, we are coordinating with central agencies but to say there is no wrong-doing at all is a stretch,” a senior legislator of the BJP told The Print on the condition of anonymity.
What is without doubt is that the investigation of the bitcoin case has been marred by some glaring inconsistencies, at the very least.
The curious case of the ‘missing’ bitcoins
On 12 January 2021, Bengaluru police in a press release claimed to have recovered 31 bitcoins worth Rs 9 crore from Srikrishna, saying he had collected them by illegal hacking.
The first panchnama for recovery was recorded on 8 January 2021. The panchnama, a copy of which is with ThePrint, shows two panchas (witnesses) — both employees of the Bangalore Electricity Supply Company (BESCOM) — attesting that 31.12 bitcoins were found in a cloud wallet of the accused, which was accessed using a password given by him.
On 18 January, a second panchnama was recorded for the transfer of the bitcoins to a wallet set up by police, and the panchas this time were two commercial tax inspectors.
The Central Crime Branch used the services of Unocoin Technologies Pvt Ltd, a Bengaluru-based cryptocurrency firm, to transfer the bitcoins. The panchnama reads: “In the presence of panchas the following cryptocurrencies were transferred to police wallet: 0.08567702 BTC, 35.081731 XRP, 26.892276 USDT (tether), 14.51970573 DAI. The above transfer sums up to 0.08712512 BTC (At time of transfer).”
BTC, XRP, tether and DAI are all different forms of cryptocurrencies or payment assets.
However, a third panchnama contradicting the previous two was recorded on 22 January. The two commercial tax inspectors appeared as panchas again, and the proceedings were recorded with screenshots. The panchnama shows that when the team tried to access the accused’s cloud wallet using the password provided by Srikrishna, 186.811 bitcoins were shown as “available”, but the wallet had live transactions in progress.
When an attempt was made to transfer these bitcoins to the police wallet, a pop-up box on the screen said “TX already in Blockchain” and showed that the transaction was successful, displaying a transaction ID.
“On checking the said transaction ID on the Block Chain Explorer, it was seen that the said transaction ID never existed,” the third panchnama says.
Police did not announce this development to the public until months later. A 13 November press release issued by the Commissioner of Police said, “Cyber experts opined that the said account claimed by the accused as his personal account was in fact, a live wallet of an exchange and the accused did not have a private key for this.”
The statement added that no bitcoins were transferred to the police wallet — a contradiction of the police press release of 12 January.
This flip-flop has piqued the Opposition’s interest, with the Congress demanding to know why there was no recovery of bitcoins from the accused despite his confessions. The Congress is also questioning the government’s alleged delay in alerting central agencies to Srikrishna’s claims of hacking international bitcoin exchanges, websites, and cryptocurrency banks, and thus illegally amassing cryptocurrencies worth crores over the years.
The Congress has alleged that Bengaluru police, despite a letter from the ED in December 2020 identifying Srikrishna as an “international hacker”, did not respond to their queries until a second letter was sent in February 2021.
The CCB has filed chargesheets in the cases it was investigating and has now handed over the case files to the ED and Crime Investigation Department (CID), which are still in the process of completing investigations against Sriki.
In April this year, the Interpol wing of the Central Bureau of Investigation (CBI) was also apprised of Sriki’s activities.
Srikrishna’s ‘tall claims’ of cybercrimes?
In his “voluntary” statement recorded before a magistrate, a copy of which is with ThePrint, Srikrishna claimed to have learnt the basics of coding and “web exploitation” when he was in Class 4, and even wrote his first bot for a game called RuneScape.
By the time he was in Class 10, he added, he was the moderator of a forum of black hat hackers — those who hack into computer networks with a malicious intent — and was already making “thousands of dollars” by writing bots and staking in an online game.
Amid these lucrative activities, college did not hold much appeal for Sriki, who allegedly ran away from home when he was 17 and dropped out of an engineering college. His family persuaded Sriki to pursue his studies at the Eindhoven University of Technology in the Netherlands instead, but a straight and narrow path is believed to have never held any allure for him.
Among the dubious achievements that he has allegedly claimed, Sriki has counted hacking into the accounts of political leaders, journalists, and television channels in December 2016, and a year later hacking the Bitclub Network and stealing 100 bitcoins. In 2017 and 2018, Sriki claimed to have hacked a Chinese website — PPPoker — to alter codes that allowed his friends to see cards of other players and win games. Sriki has also said that he was part of a group that hacked Bitfinex, a cryptocurrency exchange, in 2015 and again in 2019. In a second hack, he claimed to have made 2,000 bitcoins.
Sriki said he hacked the Karnataka government’s e-procurement portal in 2019 and gained access to bids, tenders, payments, IFSC codes, and account numbers of bidders. He also confessed to have made three transfers worth a total of Rs 46 crore to two accounts for commission. This case is being investigated by the CID and ED.
In his statement, Sriki has given further details of his alleged cyber exploits from 2015 to 2020, complete with dates and profits, and claimed that he does not have a bank account.
According to Bengaluru police’s 12 January press release, Srikrishna had, among other things, masterminded the hacking of three bitcoin exchanges and 10 poker websites.
Robin Khandelwal, in his statement, appears to have corroborated many of Sriki’s claims.
“I am aware of all the hacking and illegal money-making methods of Sriki since 2017. I have been taking care of his finances since 2017. He has transferred about 130 bitcoins to my wallet on various dates. After deducting my commission, I have monetised and transferred about Rs 3,48,62,590 to various bank accounts as asked by Srikrishna over the years. Rs 1,50,00,000 in cash has been handed over to a person referred by Sriki,” Khandelwal said in his statement.
In the voluntary statement, which was released to the media by the Congress, Srikrishna has said that he spent most of his spoils on luxury hotels, expensive trips, drugs, and rave parties.
Bengaluru police Saturday, however, said the majority of Srikrishna’s claims were “unsubstantiated” since there was no “legal request or intimation” by any countries concerned about hacking originating from Bengaluru or any other “claims made by the accused”.
The statement seemed to be a response to the Congress allegation that international investigative agencies like the FBI had informed Prime Minister Narendra Modi of the multi-crore cyber fraud during his visit to the USA in September.
Srikrishna’s father has sought a CBI inquiry
The Congress, meanwhile, has criticised the CCB investigation, with much of its ammunition coming from Srikrishna’s “voluntary statement” before a magistrate from earlier this year, and a petition that Gopal Ramesh, the accused’s father, filed in the Karnataka High Court.
In a writ petition filed in the high court on 2 February 2021, a copy of which is with ThePrint, Gopal Ramesh alleged that the CCB had arrested Srikrishna on 14 November 2020 but showed 17 November as the arrest date. Police had also filed six cases consecutively, extending his custody.
The petition further alleged that Srikrishna was administered “excessive doses” of a sedative while in police custody.
In his petition, Gopal Ramesh has accused police of getting Srikrishna’s stomach pumped in order to remove drugs from his system even though the court had not ordered any such action. The Congress has also sought to know why prescription drugs were supplied to the accused while in police custody.
One of the six prayers in the petition was to transfer the case to the CBI or a special investigation team. The Bengaluru police, in a “clarification” issued Saturday following the Congress onslaught, said the petition was dismissed by the high court.
While the controversy rages on, Srikrishna has taken a line that sounds rather like Bommai’s. “There is nothing in the bitcoin issue. This is all nuisance and bogus,” Srikrishna told reporters outside Bengaluru Central jail Wednesday while walking out on bail in connection with the brawl case. His parting shot to journalists was to “chill” and let him go home.
What the experts say
Even as Congress and BJP leaders point fingers at each other, cyber experts say the “missing” bitcoins might have a rather prosaic explanation.
“It is fairly easy to lose cryptocurrencies since they depend on a secret key, which is really a long password. It can’t be guessed but can be copied, and this allows theft,” Kiran Jonnalagadda, a technology practitioner and CEO of the software company Hasgeek, told ThePrint.
“Cryptocurrencies that are stolen using user login or hacking an exchange are quickly transferred to another account. We usually cannot figure out where it has gone. Tracing of cryptocurrency requires resources that only national governments have,” he said, adding that the allegations of a multi-crore scam reminded him of the furore over the Blue Whale challenge — a trend that was characterised more by hearsay-driven panic than substance.
(Edited by Asavari Singh)