On November 19, 2025, the Gujarat Cyber Centre of Excellence (CCoE) announced a significant breakthrough in dismantling an international cyber-slavery and human trafficking network. The operation led to the arrest of the syndicate’s alleged kingpin, Nilesh Purohit, also known by his alias “Neel” and the moniker “The Ghost.” Along with him, five associates were taken into custody, including a couple. The network, which operated primarily from Southeast Asian countries, preyed on Indian citizens—many from Gujarat—by enticing them with fake job offers promising lucrative opportunities abroad.
Deputy Chief Minister Harsh Sanghvi, who oversees the Home Department, provided detailed insights into the investigation. According to him, Purohit was at the helm of a vast global syndicate comprising over 126 sub-agents. The network’s reach extended beyond India, with links to agents in Pakistan and affiliations with approximately 100 companies across several countries. These companies were involved in supplying manpower to cyber-fraud centers based in Southeast Asia, where victims were exploited to conduct illegal online activities.
Purohit was apprehended in Gandhinagar while attempting to flee the country. Alongside him, authorities arrested his close associates: Hitesh Somaiya, Sonal Phaldu, Bhavdeep Jadeja, and Hardeep Jadeja. Sonal’s husband, Sanjay Phaldu, was also detained. The arrests mark a major success in India’s ongoing efforts to combat cybercrime and human trafficking.
The scope of the syndicate’s trafficking operations was vast and alarming. Purohit was reportedly involved in trafficking over 500 individuals hailing not only from India but also from countries such as Sri Lanka, the Philippines, Pakistan, Bangladesh, Nepal, Nigeria, Egypt, Cameroon, Benin, and Tunisia. These victims were trafficked to countries including Myanmar, Cambodia, Vietnam, and Thailand. The syndicate exploited social media platforms to post fraudulent advertisements, enticing victims with promises of high-paying overseas data-entry jobs.
Once individuals accepted these deceptive offers, their passports were confiscated, and they were transported across borders into Myanmar through routes near KK Park and Myawaddy Township. There, victims were coerced into engaging in illicit online activities such as phishing scams, cryptocurrency fraud, Ponzi schemes, and fraudulent dating app operations. These cybercrimes not only victimized individuals but also caused significant financial harm to unsuspecting people worldwide.
Financial records uncovered during the investigation revealed that Purohit earned between $2,000 and $4,500 per trafficked victim. He shared 30 to 40 percent of these earnings with his network of sub-agents. Transactions were carefully concealed by routing funds through mule bank accounts and multiple cryptocurrency wallets, making it challenging for law enforcement agencies to trace the money flow.
The Government of India, in collaboration with authorities from Thailand and Myanmar, has been proactive in addressing this issue. Joint operations have successfully rescued nearly 4,000 individuals who had been trafficked to cyber-fraud centers. Many of these survivors identified Purohit as the agent responsible for sending them abroad under false pretenses. Following these rescues, a formal case was registered, and a comprehensive investigation was launched to bring all involved parties to justice.
Officials from the Gujarat Cyber Centre of Excellence highlighted the meticulous work involved in tracking down the syndicate. They continuously analyzed data gathered from interviews with rescued returnees, information shared by central agencies like the Indian Cyber Crime Coordination Centre (I4C), and monitored suspicious activities linked to agents operating these scam compounds. Dedicated teams were established for technical analysis, digital forensics, interrogations, and field operations, all of which culminated in identifying and apprehending the key figures behind the trafficking network.
The modus operandi of the syndicate was sophisticated and well-organized. The accused primarily used social media platforms and peer-to-peer referrals to contact potential victims, offering them attractive job opportunities abroad. Interested individuals were interviewed and then provided with flight tickets and logistical support. However, these individuals were typically instructed to travel on tourist visas, which masked the true nature of their journey.
Upon arrival at Bangkok airport, victims were met by armed operatives, reportedly of Malaysian or Chinese origin. These operatives then covertly transported the victims through remote and often dangerous terrain into Myanmar, where the cyber-fraud compounds were located. This covert transit ensured that the victims remained under the syndicate’s control and out of