The ongoing investigations into the blast near Delhi’s Red Fort has revealed more details about how the terrorists were able to dodge the radar of law enforcement. The probe into November blast in the capital also showed how a highly educated ‘white-collar’ terror module used ghost SIM cards, multiple dual-sim mobile phones and encrypted messaging apps to stay in touch with Pakistani handlers, officials said.
The probe being run by the National Investigation Agency (NIA) uncovered that the accused, including doctors, followed a “dual-phone” strategy to evade arrests.
They used one phone, registered in their own names, for routine personal and professional communication. The accused also used a second handset to exclusively communicate with Pakistani handlers through apps such as WhatsApp, Telegram and Signal.
What did officials involved in the investigation say?
The officials involved in the investigation said that the probe into the ‘white-collar’ terror module and the blast led to a web of “ghost” SIM cards being used by the arrested doctors, including Muzammil Ganaie, Adeel Rather and others
The investigation further revealed that the SIM cards which were being used in these secondary phones were often issued in the names of unsuspecting civilians, whose Aadhaar details were misused.
Police in Jammu and Kashmir also uncovered a separate network where SIMs were issued using fake Aadhaar credentials. Security officials say the Red Fort blast case marks a shift in how terror networks operate in India.
Each accused, including Dr Umar-un-Nabi, who was killed while driving the explosives-laden vehicle near the Red Fort, carried two to three mobile handsets, police officials said.
Instead of relying only on overground workers or traditional militant recruits, handlers are increasingly targeting educated professionals with clean public profiles, making detection harder.
Government revises guidelines for telecom players
The outcome of the investigations essentially formed the basis for the Department of Telecommunications (DoT) to issue a sweeping directive on November 28 last year, mandating services like WhatsApp, Telegram and Signal must be linked to a physical SIM card within the device.
The order further directs the telecom operators to automatically log out users from apps like WhatsApp, Telegram and Signal in case of the absence of an active SIM. Officials further said that all service providers, including Snapchat, Sharechat and Jiochat, must submit updated compliance reports to the DoT.
As per a statement given by a government agency, this move was prompted by the rising trend of ghost SIMs being employed by terror operators. According to officials, Pakistani handlers and their agents used to exploit this feature that allows you to operate messaging apps without a physical SIM in the device to learn IED assembly via YouTube and plot “hinterland” attacks.
IED assembly refers to the process of constructing an Improvised Explosive Device (IED)—a homemade bomb built from non-standard, readily available materials rather than factory-made military explosives.
According to the officials, the security agencies noted a disturbing trend where these compromised SIMs remained active on messaging platforms across the border in Pakistan-occupied Kashmir (PoK) or Pakistan.
(With inputs from PTI)