In one of the most audacious cyberattacks in recent memory, hackers looted ₹49 crore from the Moneyview app within just three hours by exploiting a flaw in its API (Application Programming Interface) system.
According to the Bengaluru Central Crime Branch (CCB), the app — operated by Wisdom Finance Company — was targeted by an international gang based across Dubai, China, Hong Kong, and the Philippines. The attackers used the app’s API key to divert funds into 653 fake and mule accounts, exposing critical gaps in API security and fraud detection.
Investigators revealed that the heist was coordinated from Dubai by an India-origin suspect, who used virtual private servers (VPS) to disguise the source of the attack. Each rented server, costing ₹2,000, was later linked to a France-based IP address, enabling the hackers to operate undetected during the short, high-speed theft window.
Two Arrested, ₹10 Crore Recovered So Far
The CCB Cyber Crime unit has arrested two suspects — Ismail Attar from Belagavi and Patel from Maharashtra — and seized laptops and pen drives used in the operation. Authorities have managed to freeze ₹10 crore of the stolen amount while tracing the digital money trail to offshore accounts.
According to police, the hackers cleverly mixed mule accounts with genuine ones, paying small commissions to unsuspecting individuals who helped withdraw and transfer money. This approach made it harder for traditional transaction monitoring systems to detect anomalies in real time.
Officials said three more suspects in Dubai and two in Hong Kong have been identified, and efforts are underway in coordination with international law enforcement agencies to trace and extradite them. The arrested individuals are currently in judicial custody as the probe expands into what authorities call a multi-country cyber syndicate.
Rising Cyber Threats and API Exploits in Fintech
Cybersecurity experts have warned that API-based vulnerabilities have become one of the fastest-growing attack vectors in the fintech sector. APIs, which enable apps to communicate with banks and servers, can expose sensitive data if improperly secured.
The Moneyview incident underscores the growing sophistication of global cybercrime networks and the need for real-time fraud detection and layered authentication in digital finance platforms.
India’s Reserve Bank and cybersecurity authorities are expected to tighten compliance norms for fintechs following this breach, with an emphasis on API encryption, access controls, and third-party audits. The Moneyview attack serves as a stark reminder that in today’s digital economy, a single weak API key can unlock millions in losses within minutes.
