Investigations into the November 10 Red Fort explosion, which killed 15 people, have revealed a sophisticated communication network employed by the accused doctors, officials said on Sunday. The "white-collar" terror module used multiple “ghost” SIM cards and encrypted messaging apps to coordinate with Pakistani handlers, bypassing security monitoring.
Authorities stated that each accused, including Umar-un-Nabi who died driving the explosives-laden vehicle carried two to three mobile phones. One was a “clean” phone for personal use, while the other, known as the “terror phone,” was used exclusively for apps like WhatsApp and Telegram to communicate with handlers identified by codenames such as 'Ukasa', 'Faizan', and 'Hashmi'. Many SIM cards were issued in the names of unsuspecting civilians using stolen Aadhaar details, with some even generated via fake Aadhaar documents.
The exploitation of messaging apps without active SIM cards prompted the Department of Telecommunications (DoT) to issue a directive mandating that app-based communication must now remain linked to a valid physical SIM. Telecom operators have been instructed to log out users from apps like WhatsApp, Telegram, and Signal if no active SIM is detected. The order also requires compliance reporting from all service providers, including Snapchat, Sharechat, and Jiochat.
The probe traced the module’s roots to Al Falah University in Faridabad, Haryana, leading to the arrest of doctors Muzammil Ganaie and Shaheen Sayeed. Authorities also seized 2,900 kg of ammonium nitrate, potassium nitrate, and sulphur. Investigators found that handlers guided recruits via YouTube on IED assembly and planned attacks in India, despite their initial intentions to join conflict zones abroad.
The National Investigation Agency continues to investigate the case. Officials stressed that the new measures are critical to safeguarding India’s telecom infrastructure and preventing the digital facilitation of terror activities in the future.
