India
Delhi police have revealed that three doctors linked to Faridabad’s Al Falah University, who are under investigation for the deadly car blast near the Red Fort, used an encrypted Swiss communication app called Threema to plan and coordinate attacks across the national capital.
The suspects—Dr Umar Un Nabi, Dr Muzammil Ganaie, and Dr Shaheen Shahid—were reportedly in constant contact through the app, awaiting instructions from their handlers while planning multiple serial blasts. Investigators described Umar as the most radicalized member of the module and the central link connecting the other two doctors. Following the arrest of Muzammil and other associates, Umar is believed to have switched off his phones and severed digital contacts to evade detection.
Authorities have seized a red Ford EcoSport from Faridabad, allegedly used by the suspects to transport and store ammonium nitrate over time. The blast near the Red Fort, which occurred on Monday evening, has claimed 13 lives as of Thursday, with several others still undergoing treatment at LNJP Hospital.
The police said the suspects conducted multiple recce operations in Delhi to identify targets, including historic sites and vital installations. Unlike conventional messaging platforms, Threema does not require a phone number or email for registration, making it nearly impossible to trace. Each user receives a unique ID unlinked to any SIM card or mobile number, and the app offers end-to-end encryption, with an option to operate on private servers.
Investigators suspect the accused set up a private Threema server to securely exchange sensitive material, including maps, layouts, and coded instructions related to the Red Fort blast conspiracy. The platform also allows messages to be deleted from both ends and does not retain metadata, significantly complicating forensic retrieval.
Preliminary findings indicate that the encrypted network played a central role in coordinating the attack. Police are examining whether the private server was hosted in India or overseas, and whether other module members had access. In addition to the blast vehicle, authorities have seized three other cars being prepared for potential attacks in Delhi.
The probe underscores the growing use of sophisticated encrypted technologies by terror modules, posing new challenges for law enforcement agencies tasked with safeguarding the capital.
English
Gujarati
Hindi
Kannada
Malayalam
Marathi
Punjabi
Tamil
Telugu
