‘White coat’ module used draft mails, encrypted apps for communication
New Delhi:The probe into the Red Fort blast uncovered how the accused doctors used unsent email drafts and private encrypted servers to plan the attack. With signs of a wider multi-city terror plot, investigators have launched a full-scale digital trawl across platforms, including their sympathisers’ social media accounts, to track every online trace the “white-collar” terror module has left behind.
Sources said specialised cyber teams from security agencies are monitoring public posts, videos, comments and online discussions around the clock to trace any lead from radicalisation to misinformation to suspicious activity linked to the blast.
“Any unusual online behaviour is flagged and shared instantly with field units,” an officer privy to the information said. Inputs from social media cells are being funnelled directly to investigation teams for immediate verification.
Simultaneously, district police units, particularly in Delhi, Uttar Pradesh and Haryana, have been instructed to conduct continuous checks of CCTV footage across markets, border points, transit routes and sensitive installations. Station-level officers have been asked to immediately report any unusual activity to the central control room in the national capital.
“CCTV checks and social media tracking are being done in parallel to ensure no clue slips through,” said an officer involved in the probe. The officer noted that patrols and pickets across the city have been reinforced.
As surveillance intensifies, probe agencies are examining whether the accused had planned simultaneous strikes across several cities. According to sources, the group comprised medical professionals who combined encrypted online tools with low-tech stealth strategies to plan the terror strikes while staying off the radar.
Investigators have found that the suspects, including Dr Umar Nabi, who was driving the car which exploded near the Red Fort, Dr Muzammil Ganaie, lady doctor Dr Shaheen Shahid and others, relied on unsent email drafts to communicate.
All members accessed a single email account, and instead of sending messages, they saved instructions as drafts. The recipient would log in, read the message, and delete it. “Because nothing was transmitted across the network, it left no traceable trail,” a source said.
Alongside this, the accused also used Threema, a Switzerland-based encrypted app that does not require a phone number or email ID. Officials suspect the group even set up a private Threema server, enabling them to exchange sensitive documents, maps, layouts and coded instructions.
