DoorDash scam used fake drivers, phantom deliveries to bilk $2.59M
(2025/05/16)
- Reference: 1747350875
- News link: https://www.theregister.co.uk/2025/05/15/exdoordash_driver_scam/
- Source link:
A former DoorDash driver has pleaded guilty to participating in a $2.59 million scheme that used fake accounts, insider access to reassign orders, and bogus delivery reports to trigger payouts for food that was never delivered.
Sayee Chaitanya Reddy Devagiri, 30, of Newport Beach, California, pleaded guilty on Tuesday in a federal court to one count of conspiracy to commit wire fraud. In August, a federal grand jury charged Devagiri and three others — Manaswi Mandadapu, Matheus Duarte, and Hari Vamsi Anne — for their involvement in the scheme.
Devagiri, in pleading guilty, said he worked as a delivery driver for DoorDash between 2020 and 2021, and during that time participated in a conspiracy to obtain fraudulent payments for deliveries that never occurred.
[1]
Here's how the scheme worked: the group created "multiple" fake customer and driver accounts, according to the [2]indictment [PDF]. Then, they used the bogus customer accounts to place expensive orders throughout Northern California.
[3]
[4]
The conspirators then used [5]login credentials belonging to DoorDash employees to access the biz's internal systems and manually reassign orders to fake driver accounts under their control. The driver accounts falsely reported the food as delivered, triggering payments through a vendor acting on DoorDash's behalf.
The credentials used in the scheme belonged to two DoorDash employees. According to [6]the feds , one of them is Tyler Thomas Bottenhorn, who is a resident of Solano County, California, and was briefly employed by DoorDash in 2020. The indictment does not explain how the credentials were obtained.
[7]
Bottenhorn was separately charged with conspiracy to commit wire fraud in 2022, and he pleaded guilty in November 2023.
[8]DoorDash sued for allegedly branding customer a fraudster after delivery photo query
[9]Who needs phishing when your login's already in the wild?
[10]DOGE worker's old creds found exposed in infostealer malware dumps
[11]Snowflake CISO on the power of 'shared destiny' and 'yes and'
After reassigning the fraudulent orders to fake driver accounts, Devagiri and his co-conspirators used those accounts to falsely report the deliveries as complete - even though no food was ever delivered. Marking the orders as fulfilled triggered payments through a vendor acting on DoorDash's behalf.
Then, using credentials belonging to Bottenhorn and another DoorDash employee, the group reset the scam by changing order statuses from "delivered" back to "in process," then manually reassigning them to their own fake driver accounts, starting the cycle again.
Prosecutors say the process took less than five minutes per order and was repeated hundreds of times, netting over $2.59 million in fraudulent payouts.
Devagiri, the third defendant to plead guilty in connection with the scheme, is scheduled to return to court on September 16. He faces a maximum of 20 years behind bars and a $250,000 fine. ®
Get our [12]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aCa4SGbFpHz7u5rqzY-2xAAAAEU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://regmedia.co.uk/2025/05/15/5_24cr451_indictment_as_to_sayee_chaitanya_reddy_devagiri.pdf
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aCa4SGbFpHz7u5rqzY-2xAAAAEU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aCa4SGbFpHz7u5rqzY-2xAAAAEU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://www.theregister.com/2025/04/23/stolen_credentials_mandiant/
[6] https://www.justice.gov/usao-ndca/pr/four-defendants-charged-multi-million-dollar-fraud-targeting-san-francisco-delivery
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aCa4SGbFpHz7u5rqzY-2xAAAAEU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2025/03/18/doordash_sued_customer_fraudster/
[9] https://www.theregister.com/2025/04/23/stolen_credentials_mandiant/
[10] https://www.theregister.com/2025/05/12/doge_cyber_experts_creds_found/
[11] https://www.theregister.com/2025/05/15/snowflake_ciso_interview/
[12] https://whitepapers.theregister.com/
Sayee Chaitanya Reddy Devagiri, 30, of Newport Beach, California, pleaded guilty on Tuesday in a federal court to one count of conspiracy to commit wire fraud. In August, a federal grand jury charged Devagiri and three others — Manaswi Mandadapu, Matheus Duarte, and Hari Vamsi Anne — for their involvement in the scheme.
Devagiri, in pleading guilty, said he worked as a delivery driver for DoorDash between 2020 and 2021, and during that time participated in a conspiracy to obtain fraudulent payments for deliveries that never occurred.
[1]
Here's how the scheme worked: the group created "multiple" fake customer and driver accounts, according to the [2]indictment [PDF]. Then, they used the bogus customer accounts to place expensive orders throughout Northern California.
[3]
[4]
The conspirators then used [5]login credentials belonging to DoorDash employees to access the biz's internal systems and manually reassign orders to fake driver accounts under their control. The driver accounts falsely reported the food as delivered, triggering payments through a vendor acting on DoorDash's behalf.
The credentials used in the scheme belonged to two DoorDash employees. According to [6]the feds , one of them is Tyler Thomas Bottenhorn, who is a resident of Solano County, California, and was briefly employed by DoorDash in 2020. The indictment does not explain how the credentials were obtained.
[7]
Bottenhorn was separately charged with conspiracy to commit wire fraud in 2022, and he pleaded guilty in November 2023.
[8]DoorDash sued for allegedly branding customer a fraudster after delivery photo query
[9]Who needs phishing when your login's already in the wild?
[10]DOGE worker's old creds found exposed in infostealer malware dumps
[11]Snowflake CISO on the power of 'shared destiny' and 'yes and'
After reassigning the fraudulent orders to fake driver accounts, Devagiri and his co-conspirators used those accounts to falsely report the deliveries as complete - even though no food was ever delivered. Marking the orders as fulfilled triggered payments through a vendor acting on DoorDash's behalf.
Then, using credentials belonging to Bottenhorn and another DoorDash employee, the group reset the scam by changing order statuses from "delivered" back to "in process," then manually reassigning them to their own fake driver accounts, starting the cycle again.
Prosecutors say the process took less than five minutes per order and was repeated hundreds of times, netting over $2.59 million in fraudulent payouts.
Devagiri, the third defendant to plead guilty in connection with the scheme, is scheduled to return to court on September 16. He faces a maximum of 20 years behind bars and a $250,000 fine. ®
Get our [12]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aCa4SGbFpHz7u5rqzY-2xAAAAEU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://regmedia.co.uk/2025/05/15/5_24cr451_indictment_as_to_sayee_chaitanya_reddy_devagiri.pdf
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aCa4SGbFpHz7u5rqzY-2xAAAAEU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aCa4SGbFpHz7u5rqzY-2xAAAAEU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[5] https://www.theregister.com/2025/04/23/stolen_credentials_mandiant/
[6] https://www.justice.gov/usao-ndca/pr/four-defendants-charged-multi-million-dollar-fraud-targeting-san-francisco-delivery
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aCa4SGbFpHz7u5rqzY-2xAAAAEU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2025/03/18/doordash_sued_customer_fraudster/
[9] https://www.theregister.com/2025/04/23/stolen_credentials_mandiant/
[10] https://www.theregister.com/2025/05/12/doge_cyber_experts_creds_found/
[11] https://www.theregister.com/2025/05/15/snowflake_ciso_interview/
[12] https://whitepapers.theregister.com/
How in the World ...
An_Old_Dog
... did these perps think that the DoorDash accounting department would not notice that just a few accounts had, between them, performed more than TWO MILLION DOLLARS' worth of deliveries in less than a year?!
"Bottom" line
harrys
food gets delivered to your door....
did the person who cooked it wash their hands after doing a number 2?
no guarantee's.... but at least in "older times" you actually went to the takeaway to order your food and see the level of hygiene
so .... eat some food delivered to your door by a random stranger, cooked at some random location in god knows what conditions and quality of ingredients
when at home, cook your own u "lazy bottoms"
PS proof that idiocracy has arrived.... klana partnering with doordash, hahahaha
DoorDash
So DoorDash, how's those off shore Dev's working out for you?