As the investigation into the Delhi blast progresses, more shocking details about how the Faridabad terror module communicated have emerged. One of these bizarre methods included keeping email drafts in a shared account.
Since these emails were not sent, it was effective in avoiding detection by security agencies as there was no digital trail. However, it served the purpose of communicating as the drafts were kept in a shared account accessible to all members.
Dr Umar un Nabi, who was driving the Hyundai i20 that exploded in Delhi, as well as others in the module, including Dr Muzammil Shakeel and Dr Shaheen Shahid, were among those who had access to this shared account.
Once the sender saved the draft email, the intended recipient would access the account to read the message and delete it immediately. Officials cited by PTI revealed that the technique shows how cautious the members of the terror module were.
This comes after reports revealed that the module used Threema, a Swiss app banned in India, to send encrypted messages anonymously. Threema app does not require phone numbers or email addresses for registration, instead it generates a random user ID.
Since it is a paid app, Threema asks users to send payments in cash via courier to its registered office in Churerstrasse, Switzerland, in order to avoid tracking by security agencies. Users can also pay in Bitcoins.
Users communicate with their contacts by scanning each other's QR codes when they first meet. It allows text and voice messages, voice and video calls as well as location and media file sharing.
Several mobile apps, including Threema, were banned by India in May 2023 over security reasons under Section 69A of the IT Act, 2000 after they were found to be used by Pakistan-linked terrorists to spread propaganda and communicate with handlers across the border. Other similar apps banned by India include Zangi, IMO, Briar, Element, MediaFire, Second Line, Safeswiss, Nandbox and BChat.
Investigators have reportedly accessed the metadata from the Threema accounts as well as around 400 encrypted messages exchanged on two Telegram groups linking the Faridabad terror module to Pakistan-based Jaish-e-Mohammed.