The Directorate of Enforcement (ED), Shillong Sub-Zonal Office, has provisionally attached movable properties worth ₹1.06 crore under the Prevention of Money Laundering Act (PMLA), 2002, in connection with the “Global Media App” fraud case, a suspected multi-crore Ponzi-style investment racket that allegedly cheated investors through a fake online earning platform with international operational links.
The attachment was carried out as part of the agency’s ongoing probe into a large-scale cyber-enabled financial fraud that investigators said lured unsuspecting investors with promises of daily passive income, referral commissions and high returns through a mobile application masquerading as an online advertising platform.
The ED initiated the investigation on the basis of an FIR registered by Madanriting Police Station in East Khasi Hills district on allegations of cheating through the “Global Media App”. According to the agency, the accused persons operated the application “as a Ponzi-style investment scheme under the guise of an online advertising platform promising daily passive income to users for watching advertisement videos.”
Investigators said users were persuaded to upgrade to different VIP membership plans by depositing substantial amounts of money after being assured of “high daily returns and referral commissions”. The agency stated that the fraudsters extensively promoted the application through a Telegram channel administered by individuals using foreign mobile numbers, while funds from investors were allegedly collected through bank transfers, UPI transactions and cryptocurrency wallets.
The ED said the scheme remained operational from June 3, 2022 to October 12, 2022 before the operators abruptly shut down the application and absconded with the collected funds.
According to the investigation, Proceeds of Crime amounting to nearly ₹45.33 crore were generated through the fraudulent operation. The agency identified multiple bank accounts, merchant IDs, payment gateway accounts and cryptocurrency wallets allegedly used for the collection, routing and layering of the illicit funds.
The probe further revealed that the money collected through the application was routed through “various layers of bank accounts and merchant entities enrolled in Payment Gateways, which are mule in nature.” Investigators also detected the use of cryptocurrency wallets operating on the TRON blockchain network for the collection and transfer of USDT tokens.
During the course of the investigation, the ED conducted enquiries with banks, payment gateways, Google, Telegram and cryptocurrency exchanges. Analysis of financial transactions and blockchain transfers enabled investigators to trace proceeds of crime currently available in various bank accounts, which have now been provisionally attached under Section 5 of the PMLA, 2002.
Highlighting the international dimensions of the alleged fraud, the ED said the Telegram channel used for promoting the application was administered by four individuals whose mobile numbers were registered in Cambodia and Malaysia. The agency further stated that the Gmail accounts used to operate the back-end of the application were registered with “Terms of service country: Cambodia”, indicating that “the operational control of the scheme was located outside India throughout the operative period.”
The agency also revealed that a substantial component of the proceeds of crime, estimated at approximately ₹2.45 crore, was collected directly from victims in the form of USDT (Tether) cryptocurrency tokens routed through the TRON blockchain before being transferred to user accounts on a foreign-domiciled cryptocurrency exchange.
The ED said KYC particulars of the immediate end recipients on the exchange have been obtained and the onward movement of funds is being traced. Further investigation is under progress.
