Anatomy of Corporate hijacking in India refers to the illegal takeover or control of a company through various methods, often involving dishonest practices. This situation usually involves individuals or groups unfairly gaining control of a business, weakening its original management and stakeholders. Factors contributing to this issue include gaps in corporate governance, lack of strict rules, and a complicated system that makes accountability hard. Such hijackings can lead to big financial losses and damage to reputation, affecting employees and investors alike. Understanding the structure of corporate hijacking is important for creating effective legal rules and business strategies to protect companies from these threats.
Key Takeaways
- The Anatomy of Corporate Hijacking in India involves illegal takeovers through dishonest methods, often exploiting gaps in corporate governance.
- The hijacking of Unistar Multimedia Limited demonstrates how fraudsters used digital loopholes and automated processes to gain control without purchasing shares.
- Three core vulnerabilities enabled the hijacking: blind trust in digital signatures, lack of audit trails, and barriers preventing legitimate owners from correcting data.
- Regulatory inaction significantly worsened the situation, allowing fraudulent directors to remain in control despite numerous complaints from the real management.
- To safeguard against such hijackings, authorities must enhance verification processes and implement stricter controls over automated approvals.
The Anatomy of Corporate Hijacking in India: How Fraudsters Exploited Portal Loopholes to Seize Unistar Multimedia Limited
Digital transformation was supposed to make corporate compliance safer, faster, and more transparent across India. The introduction of advanced online portals by the Ministry of Corporate Affairs (MCA) promised to eliminate bureaucratic delays and replace paperwork with secure electronic verification. However, deep structural vulnerabilities within the digital infrastructure have accidentally created an entirely new breed of white-collar crime, an issue explored in the Anatomy of Corporate Hijacking in India.
Recently, rogue actors successfully carried out a perfect digital takeover, hijacking a publicly listed business: Unistar Multimedia Limited.
Fraudsters took advantage of technical gaps. They used automated approval processes. Additionally, they employed professional identity theft. As a result, they managed to change corporate history from a remote keyboard.
This case serves as a chilling case study on the anatomy of corporate hijacking in India. It proves that automated systems fail catastrophically when tech-savvy fraud meets regulatory inertia.
The Modus Operandi: A Corporate Takeover Without Shares
In a traditional corporate raid, hostile actors must launch expensive proxy wars, accumulate significant block shares from the open market, or trigger public tenders to secure majority voting rights. The attack on Unistar Multimedia Limited bypassed the stock market entirely. The perpetrators realized that they did not need to own the company’s financial shares if they could simply seize control of its sovereign digital identity on the government portal.
Phase 1: Bypassing Management Verification Via STP Gaps
The initial breach occurred in September 2025, targeting the front-end document upload architecture of the MCA portal. A rogue professional, acting as the external certifier, uploaded Form DIR-12 (the statutory form used for the appointment and resignation of directors) under two specific Service Request Numbers: SRN AB7238679 and SRN AB7397887.
[Rogue Professional Uploads Form DIR-12] │ ▼ [Straight Through Processing (STP)] ───► (No Human Verification of Minutes/Consent) │ ▼[Live Database Instantly Updates Board]
Consequently, the live government database immediately registered three brand-new, unauthorized professional directors to the board of this publicly traded entity:
- Naman Bhanubhai Shah
- Apurvabhai Dilipbhai Shah
- Nitesh Jagmohan Vashistha
This unauthorized insertion results from a major system design flaw: Straight Through Processing (STP). The MCA portal blindly trusts the digital signature certificate (DSC) of a certifying professional. If the electronic signatures match, the system bypasses manual human review by the Registrar of Companies (ROC) and instantly updates the live company profile.
The system never verified whether physical board minutes existed, nor did it validate the mandatory official consent letters (Form DIR−2) from the actual owners. Later, the legitimate board members and the company’s former Managing Director, Alka Mehta, signed sweeping legal affidavits confirming that Unistar Multimedia Limited never held any board meetings, issued notices, or passed resolutions to approve these individuals.
Phase 2: Cyber Exploitation and Board Decapitation
Once the fraudsters gained a key position on the board, they increased their digital attack to completely remove the legal management. On December 15, 2025, the attackers started an unauthorized password recovery process for the company’s master user account on the corporate website. While the system sent an automated warning email to the rightful directors, the administrative safety measures failed. Government helpdesks and technical support lines did not have an emergency “freeze” protocol to pause account access before the next stage of the attack occurred.
Two days later, on December 17, 2025, a practicing Company Secretary named Dipika Soni used the newly compromised portal access to upload another fraudulent Form DIR-12 under SRN AC0027932. This filing instantly terminated four valid, sitting directors of Unistar Multimedia Limited:
- Abhishek Thakkar
- Kiritbhai Solanki
- Patel Vaibhavkumar
- Rupinder Oberoi
The Legal Impossibility: The fraudulent form claimed these individuals were terminated because they were “not reappointed.” Under Section 152 and Section 169 of the Indian Companies Act, 2013, directors of a public listed company cannot simply be dropped via an online form upload. They must be voted out by public shareholders at an Annual General Meeting (AGM) or Extraordinary General Meeting (EGM). Unistar Multimedia Limited had conducted no such meeting, making the filing legally impossible—yet the automated registry processed it anyway.
Core Systemic Issues and Database Alterations
The Unistar incident uncovers a deeper, more structural crisis within India’s corporate registry infrastructure. It highlights three core vulnerabilities that define the current anatomy of corporate hijacking in India.
| Vulnerability VectorSystemic Failure PointOperational Impact on Victims | ||
|---|---|---|
| STP Automation | Blind trust of professional DSCs without cross-checking physical company records. | Instant, unverified changes to public company ownership data. |
| Database Integrity Logs | Lack of immutable, time-locked audit trails preventing retroactive form deletions. | Unauthorized removal of critical historical records (e.g., Auditor Appointments). |
| Defensive Filing Lockout | System validation rules prioritize current (corrupted) data over historical users. | Rightful owners are barred from uploading corrective or defensive forms. |
1. The Threat of Automated Approvals
The ultimate weapon in this corporate hijacking is the speed of automated processing. By prioritizing efficiency over security, the portal enables live records to change without human oversight. Rogue actors effortlessly insert fake directors. They remove real ones over a weekend. They use the official registry as a shield of legitimacy. This happens before the actual business owners even realize that someone has compromised their digital assets.
2. Strange Anomalies in Back-End Database Logs
The security failures in this case went far deeper than simple front-end form submissions. While auditing their digital profile, the rightful management noticed that an entire historical record had been systematically deleted. The company’s valid Auditor Appointment form (Form ADT-1, SRN N11817020) had been marked as cancelled and completely erased from the public viewing portal.
The company had never authorized an auditor change. Furthermore, internal system logs revealed that this critical alteration took place on a Sunday. This weekend activity strongly points to either a severe internal security breach within the database hosting layer or active administrative collusion.
3. Asymmetric System Rigidity: Real Owners Locked Out
To make matters worse, the portal became completely rigid for the real owners. While the scammers uploaded forged documents easily, the portal blocked the valid board from uploading defensive filings. Basic corrective options like the Change Request Form (CRF) failed to load because the fake corporate data had corrupted the profile, leaving the rightful management legally defenseless online.
Regulatory Paralysis: The Failure of Oversight
The most alarming aspect of this hijacking is not the sophistication of the scammers. It is the total paralysis of the regulatory framework. Between September 2025 and March 2026, the real management submitted over 18 formal written complaints. They also filed fraud alerts and technical tickets to the Registrar of Companies (ROC), Mumbai, and the MCA central IT cell.
Despite clear evidence of identity theft, forged signatures, and blatant professional misconduct, the regulator remained completely silent. No interim freeze was placed on the company’s master ID, and the fake board was allowed to remain active on the public portal for months. This delay severely harmed the listed firm. It disrupted corporate banking lines, confused public shareholders, froze legitimate commercial transactions, and eroded trust in the public stock market.
The Path Forward: Reclaiming Digital Trust
The anatomy of corporate hijacking in India proves that automated online registries need better verification steps. Technology should protect honest businesses, not help scammers look legitimate. Speed should never come at the expense of security.
[Proposed Security Patch] │ ├─► Multi-Factor Authentication (MFA) via registered corporate mobile numbers ├─► Mandatory Cooling-Off Periods for all major board changes └─► Dual-Signature Verification for removing sitting directors
To fight back, the lawful owners of Unistar Multimedia Limited have filed an urgent RD-1 Rectification Petition under Section 170(2) of the Companies Act, seeking an emergency administrative rollback of the compromised database logs. They have also filed a formal professional misconduct complaint against the certifying professionals with the disciplinary board of the Institute of Company Secretaries of India (ICSI).
However, if India wants to protect its image as a safe destination for global capital, its regulators must act immediately. They must introduce multi-factor authentication, put mandatory waiting periods on major board updates, and end the dangerous practice of auto-approving structural corporate changes without human review.
To formally lodge complaints, track escalating legal petitions, or report cyber-compliance fraud regarding cases like the Unistar Multimedia corporate hijacking, you must deal directly with specific Indian public authorities and regulatory bodies.
The essential application IDs, active corporate filing channels, official grievance emails, helpdesks, and web portals required to handle registry manipulation and corporate identity theft are organized below.
1. Ministry of Corporate Affairs (MCA) & Regional Director (RD) (Anatomy of Corporate Hijacking in India)
For filing corporate dispute petitions, reporting unverified Straight Through Processing (STP) forms, or submitting an RD-1 Rectification Petition under Section 170(2) of the Companies Act.
- Official Web Link: mca.gov.in
- Grievance & Fraud Emails:
- Central Grievance Cell:
complaints@mca.gov.in - MCA Corporate Helpdesk:
appl.helpdesk@mca.gov.in
- Central Grievance Cell:
- Regional Director (Western Region – Jurisdiction over Mumbai):
rd.west@mca.gov.in - National Corporate Helpdesk Numbers: 0124-4832500 / 0124-2567900
2. Registrar of Companies (ROC), Mumbai (Anatomy of Corporate Hijacking in India)
Since Unistar Multimedia Limited is registered in Maharashtra, all regulatory technical tickets and emergency physical complaints against false Form DIR-12 filings fall under the jurisdiction of the Mumbai ROC office.
- Official Web Link: MCA Contact Directory
- Official Email Address:
roc.mumbai@mca.gov.in - Physical Location / Helpdesk: Registrar of Companies, 100, Everest Building, Marine Drive, Mumbai – 400002.
- Landline Contact: 022-22812627 / 022-22813760
3. Securities and Exchange Board of India (SEBI) (Anatomy of Corporate Hijacking in India)
Because Unistar is a publicly traded entity, fraud affecting management composition and stock manipulation must be reported immediately via SEBI’s institutional investor defense portal (SCORES).
- Official Web Link: scores.sebi.gov.in (SEBI Complaints Redress System)
- General Helpline Emails:
sebi@sebi.gov.in/scores@sebi.gov.in - Toll-Free Investor Helpline Numbers: 1800-266-7575 / 1800-22-7575
4. Institute of Company Secretaries of India (ICSI) Disciplinary Board (Anatomy of Corporate Hijacking in India)
To file a professional misconduct complaint against a certifying professional or Company Secretary (such as the professional who authorized the unverified portal uploads).
- Official Web Link: icsi.edu
- Disciplinary Directorate Email:
discipline@icsi.edu - General Corporate Communication:
info@icsi.edu - Contact Number: 011-45341000
5. Summary Matrix for Immediate Application Deployment (Anatomy of Corporate Hijacking in India)
| Authority | Core Purpose for Action | Dedicated Link / Portal Route |
| MCA Portal | Tracking original rogue submissions (SRN AB7238679, SRN AB7397887, SRN AC0027932). | MCA Service Request Status |
| SEBI SCORES | Investor alerts, market manipulation reports, and emergency listed-entity updates. | SCORES Portal Registration |
| ROC Mumbai | Submission of formal investigation requests and physical letters of objection. | Email direct to roc.mumbai@mca.gov.in |
⚠️ Filing Tip: When escalating technical blocks like corrupted profiles or non-loading Change Request Forms (CRF), always copy
appl.helpdesk@mca.gov.inand quote your original Ticket ID or SRN in the subject line to establish a clear legal paper trail.
Facing a similar challenge? Share the details in the box below, and our team of experts will do their best to help.