Menu
Browse

Cyber Threat Actor: Sunny Nehra

Actor Type Location Known Incidents
 Icon
Criminal
India
6 incidents
Profile

Sunny Nehra, also known by the alias Sunny Nehra, is an India‑based individual who has been identified as the leader of a small hacking collective involved in financially motivated cyber fraud. The group’s activities were confined to Indian e‑commerce ecosystems, specifically targeting payment gateway services and voucher administration platforms that support a range of online retailers. Their primary objective was monetary gain, as evidenced by the lavish lifestyle they displayed using proceeds from the scheme and the substantial financial losses incurred by the victim organizations.

The collective’s tactics centered on exploiting a vulnerability in the PayU payment gateway during the transaction processing stage. By intercepting payment pages and altering voucher values—such as reducing a ₹5,000 purchase to ₹1—while employing falsified credit cards, they were able to generate high‑value vouchers at minimal cost. Specialized hacking software facilitated these manipulations, and the resulting vouchers were subsequently redeemed across multiple consumer platforms including Amazon, MakeMyTrip, Shoppers Stop, Myntra, and Domino’s Pizza. Law enforcement traced the perpetrators through digital footprints left by purchased devices and linked social media profiles, which ultimately led to their arrest at a luxury hotel following a complaint from the affected voucher administrator.

Attribution information indicates that the group consisted of four individuals, described as BTech dropouts and a student, with Sunny Nehra acting as the leader. One source notes that the hackers collaborated with international cybercriminals to refine their techniques, although no formal criminal consortium or state sponsorship has been publicly established. The available evidence does not link the actors to any nation‑state agenda or broader geopolitical campaign.

The most prominently reported operation occurred on 30 December 2016, when the gang manipulated the PayU system to fraudulently obtain vouchers worth approximately ₹9.2 million (Rs92 lakh). These vouchers were used to acquire goods and services from a variety of online merchants, resulting in detectable losses for the voucher provider and subsequent police investigation. The case stands as a representative example of how localized exploitation of payment processing flaws can be scaled across multiple e‑commerce sectors to generate significant illicit profit before detection and arrest.

Incidents
Attributed incidents available to members
6 incidents
Sources
Sources available to members
0 sources