In a significant move to combat transnational cybercrime, India’s Enforcement Directorate (ED) has attached assets worth ₹42.8 crore in a high-profile cyberfraud case involving Chirag Tomar, an Indian national convicted in the United States for orchestrating a $20 million (₹166 crore) cryptocurrency scam. The case, centered around a spoofed Coinbase website, underscores the growing sophistication of cyberfraud and its implications for India’s financial security. This article explores the details of the ED’s actions, the mechanics of the fraud, its impact on victims, and the broader challenges in tackling such crimes.
The Cyberfraud Scheme: Spoofing Coinbase
On August 2, 2025, the ED announced the provisional attachment of assets under the Prevention of Money Laundering Act (PMLA), targeting 18 immovable properties in Delhi and bank deposits linked to Chirag Tomar, his family members, and close associates. Tomar, currently serving a 60-month sentence in a U.S. prison after pleading guilty in May 2024, masterminded a sophisticated scheme that exploited vulnerabilities in the cryptocurrency ecosystem. By creating fake websites mimicking Coinbase, a leading global cryptocurrency exchange, Tomar and his accomplices tricked users into sharing sensitive financial information, including login credentials and wallet details.
The fraudulent websites were designed to appear legitimate, leveraging search engine optimization (SEO) techniques to rank at the top of search results for terms related to Coinbase. Unsuspecting users, primarily in the United States, entered their details on these spoofed sites, allowing the perpetrators to siphon off nearly ₹600 crore worth of cryptocurrency. The stolen funds were then transferred to peer-to-peer (P2P) crypto platforms in India, converted into Indian rupees, and deposited into multiple bank accounts controlled by Tomar and his network.
Laundering the Proceeds
The ED’s investigation revealed that the proceeds of the crime were used to acquire luxury assets, including high-end watches, Lamborghinis, Porsches, and prime properties in Delhi. Funds were also used to finance lavish international travel to destinations like Dubai and Thailand. The agency conducted search operations in February 2025 across Delhi and Mumbai, uncovering evidence of these transactions and identifying the assets now under attachment. The ED’s actions aim to disrupt the financial networks that enable such crimes, sending a strong message to cybercriminals operating across borders.
The case was initiated based on media reports from the United States, highlighting the importance of international cooperation in tackling cyberfraud. The ED collaborated with U.S. authorities to trace the flow of funds, demonstrating the challenges of investigating crimes that span multiple jurisdictions and involve digital currencies designed to obscure transactions.
Impact on Victims and Financial Systems
The Coinbase spoofing scam affected thousands of victims, primarily in the U.S., who lost significant sums of cryptocurrency. The financial and emotional toll on these individuals underscores the human cost of cyberfraud. Beyond individual losses, such schemes threaten the integrity of global financial systems, particularly in the rapidly growing cryptocurrency sector. By exploiting trust in platforms like Coinbase, fraudsters erode consumer confidence, potentially slowing the adoption of digital currencies.
In India, the case highlights vulnerabilities in the domestic financial ecosystem, particularly the use of P2P platforms for money laundering. These platforms, which allow direct transactions between users, often lack the stringent know-your-customer (KYC) protocols enforced by traditional financial institutions. The ED’s asset attachment is a step toward holding perpetrators accountable and recovering illicit gains, but it also raises questions about the need for stronger regulation of cryptocurrency transactions in India.
Challenges in Combating Cyberfraud
The Chirag Tomar case exposes several challenges in addressing transnational cybercrime. First, the anonymity and decentralization of cryptocurrencies make it difficult to trace funds, requiring advanced forensic tools and international collaboration. The ED’s success in identifying ₹42.8 crore in assets demonstrates progress, but the total value of the fraud (₹600 crore) suggests that significant proceeds remain unrecovered.
Second, the use of SEO to manipulate search results highlights the evolving tactics of cybercriminals. By exploiting digital marketing tools, fraudsters can target large audiences with minimal effort, necessitating greater oversight of online platforms and search engines. Third, India’s fragmented regulatory landscape, with varying state-level policies on financial oversight, complicates efforts to monitor and prevent money laundering. Harmonizing these regulations could strengthen the ED’s ability to act swiftly in such cases.
Finally, international cooperation remains a critical hurdle. While the ED collaborated with U.S. authorities, differences in legal frameworks, data-sharing protocols, and judicial processes can delay investigations. Strengthening bilateral agreements and leveraging global frameworks like the Financial Action Task Force (FATF) could enhance India’s capacity to tackle transnational cyberfraud.
Broader Implications for India’s Cybersecurity
The Tomar case underscores the growing threat of cybercrime in India, which is rapidly digitizing its economy. With over 1.4 billion internet users and a booming fintech sector, India is a prime target for cybercriminals. The ED’s actions signal a proactive stance, but broader measures are needed to bolster cybersecurity. These include investing in advanced detection technologies, training law enforcement in digital forensics, and raising public awareness about phishing and spoofing scams.
The case also highlights the need for robust cryptocurrency regulations. While India has taken steps to tax crypto transactions and mandate KYC for virtual asset service providers, gaps remain in monitoring P2P platforms and cross-border transfers. The Reserve Bank of India (RBI) and the ED could work together to develop a comprehensive framework that balances innovation with security.
The Enforcement Directorate’s attachment of ₹42.8 crore in assets in the Chirag Tomar cyberfraud case is a significant milestone in India’s fight against transnational financial crime. By targeting the proceeds of a sophisticated Coinbase spoofing scam, the ED demonstrates its commitment to disrupting illicit financial networks and recovering assets for victims. However, the case also exposes the challenges of combating cyberfraud in a digital age, from tracing cryptocurrency transactions to navigating jurisdictional complexities. As India strengthens its cybersecurity and regulatory frameworks, continued international cooperation and public awareness will be key to staying ahead of cybercriminals. The ED’s actions send a clear message: India is resolute in protecting its financial systems and holding fraudsters accountable, no matter where they operate.
