Crypto scams: In the last few years, online fraud has increased so rapidly in India that many people are unable to understand how and where their money has gone missing. A shocking thing came to light in the investigation of the cases that took place from January 2024 to September 2025. At least 27 cryptocurrency exchanges were used by criminals for money laundering. According to the report of the Ministry of Home Affairs (MHA), these exchanges were used in a similar manner, where cyber fraudsters duped 2,872 people of a total of Rs 623.63 crore and trapped them in the trap of digital wallets and exchanges. All this happened in just 21 months, which is a big thing in itself.
According to a news from Indian Express, investigation revealed that during this period, Rs 25.3 crore was also transferred through 12 foreign crypto exchanges, but it was much less as compared to Indian platforms. These figures show how smart the methods of crime have become in the digital world. This complete data has been prepared jointly by the National Cybercrime Reporting Portal (NCRP) and the Indian Cybercrime Coordination Center (I4C), and it is considered to be the most complex cyber money-laundering network ever discovered.
The victims had no idea where the money was going?
Most of the victims did not even know that they had fallen into a trap. People used to see some app and invest money in it, thinking that they are trading or investing and their money will grow. But in reality their money was quietly converted into crypto. After this, the criminals would make it difficult to track that crypto by moving it between multiple wallets. An official said that these victims had no idea where their hard-earned money was going. For this reason, I4C has created an internal list of 27 Virtual (Digital) Asset Service Provider (VASPs) platforms and shared it with all the investigating agencies and the Financial Intelligence Unit (FIU).
The I4C report shows that out of 1,608 complaints received till September 2025, a total of Rs 200 crore went into India’s own VASP platforms, and out of 1,264 complaints, Rs 423.91 crore went out through these platforms last year. Overall, an amount of about Rs 623.63 crore could be tracked, but according to officials, this is just the ‘tip of the iceberg’, meaning the actual amount could be much more.
Which exchanges? what all said
The Indian crypto exchanges that MHA has identified include big names like CoinDCX, WazirX, Giottus, ZebPay, Mudrex, and CoinSwitch. These exchanges have a large market share, so criminals targeted them.
When comment was sought from these platforms in this regard, CoinSwitch clearly said that ‘No such transfers have taken place from our platform. Our system is completely secure and rules-compliant, so there is no scope for any kind of misuse.
The CoinDCX team said that they cannot share details of any specific case due to privacy regulations, but they did mention that they use hybrid security technologies like multi-signature and multi-party computation (MPC) wallets.
Some exchanges also said that they just facilitate transactions, the actual responsibility lies with the person sending or receiving money. Mudrex India Head Pranjal Aggarwal said that by 2023, all platforms registered with FIU have corrected KYC and AML (Anti-Money Laundering) related rules. He said- “As reporting entities, we regularly file Suspicious Transaction Reports (STRs)… We apply strict rules to every withdrawal, to ensure that there is no fraudulent activity.”
Vikram Subburaj, CEO of Giottus, gave an example to explain this. He said, “If a criminal orders food from Swiggy or takes a cab from Ola, do Swiggy or Ola get involved in that crime? Not at all. The same rule applies to crypto exchanges as well.” He says that crime money also comes and goes in the banking system, but it does not mean that banks are accomplices in crime.
CoinDCX admitted that as the crypto world is growing, bad people are coming up with new tricks. According to his team, “Our focus is to stay ahead of these threats. We are continuously improving our KYC, AML, and security systems to prevent any kind of misuse.”
Why is the confidence in the crypto market weakening?
On the other hand, there are many issues in the crypto market which have weakened the confidence of the common people. Such as irregularities in KYC, non-resolution of complaints, delay in withdrawal of money, or sudden deduction from the account. Cyber attacks on some big Indian crypto exchanges have also increased people’s concern.
In July 2024, a major hack took place on WazirX, in which there was a loss of about 235 million dollars. Its co-founder Nischal Shetty said, “Not our servers, but the third-party custody server was hacked.” They also said that they have completed 85 percent of their responsibilities and have entered into a partnership with BitGo, which has an insurance coverage of $250 million.
ZebPay also said that they keep the security and transparency of their platform above all. According to him, “We follow strict KYC, AML and cybersecurity rules, so that any suspicious activity can be detected quickly.”
When the ban was imposed, crypto exchanges did not have bank accounts
Many large crypto platforms in India are operated by foreign companies. Some said that doing this is a normal way to get easy funding and run a business, but some say that there are problems related to tax and regulations behind it. A CTO, on condition of anonymity, said, “When crypto was banned in 2018, Indian exchanges did not even have bank accounts. At such a time, it was a compulsion to form a foreign holding company.”
The GST Department (DGGI) had searched many crypto platforms in 2022. According to the Finance Ministry, 17 crypto exchanges had not paid GST of Rs 824.14 crore. Later, during the investigation, Rs 122.29 crore was recovered. Foreign platforms have also been brought under the GST ambit from July 2024.
Now the Enforcement Directorate (ED) and FIU are investigating whether Indian intermediaries are acting as “crypto mules”. That means taking commission by converting the criminals’ money into tokens. It is also being seen whether accounts without KYC have dodged the system due to negligence on the part of the platforms.
Biggest fraud transferer of Rs 10.09 crore
The largest fraudulent transfer found in the NCRP data was Rs 10.09 crore, which went through UK/US based Onlychain Vilnius. The second largest transfer of Rs 8.13 crore was made through Mauritius-based Ezipay Ebene.
Onlychain Vilnius did not respond to this, while Ezipay said, “We do not provide any crypto services. All our transactions are card-based and under security rules.” He said that they cooperate with Indian agencies when needed.
After all this, it becomes clear that India’s crypto market is still in the process of learning, improving and strengthening. People are still not fully aware of this, and criminals take advantage of this lack. Both the government and the exchanges are trying to improve the rules and technology from their side, but the common people also have to be careful, because in the digital world, a small mistake can cause huge loss.
