Ghost SIM network, encrypted apps used by doctors linked to Red Fort blast probe

Srinagar: Shocking details have emerged as security agencies continue to investigate the suspected white-collar terror-linked explosion that occurred near the Red Fort in New Delhi on November 10 last year.

Investigators have revealed that both the doctor who died in the blast and the doctors arrested in connection with the case were allegedly in touch with handlers based in Pakistan using a sophisticated network of ghost SIM cards and encrypted communication platforms.

According to officials familiar with the probe, the accused doctors—including Muzammil Ganai and Adil Rather—followed a “dual-phone” strategy to evade surveillance by intelligence and security agencies. The doctors allegedly operated multiple mobile handsets simultaneously, carefully segregating their personal, professional and clandestine communications.

Officials said that the deceased doctor, Dr Umar-un-Nabi, and other accused used two to three mobile phones each. One phone, registered in their own names with legitimate SIM cards, was used for routine personal and professional communication to avoid raising suspicion.

Another phone was used exclusively for covert communication through WhatsApp and other encrypted applications to remain in contact with Pakistan-based handlers identified as Ukasa, Faisal and Hashmi.

Investigators disclosed that the SIM cards used in these secondary phones were procured by misusing civilian Aadhaar cards. The Jammu and Kashmir Police have since busted a racket that supplied SIM cards using fake or fraudulently obtained identity documents.

These ghost SIM cards, authorities said, are difficult to trace and are often activated far from the user’s location, complicating tracking efforts. Security officials have also expressed concern that several such ghost SIM cards remain active in Pakistan-occupied Kashmir (PoK) and along border areas, posing a continuing threat. “These SIMs are still live and are being monitored closely. Their continued activity is alarming,” an official said.

The investigation has further revealed that the accused exploited phone features that allow messaging apps to function even without a physical SIM card. Through these methods, information related to improvised explosive device (IED) assembly and other operational details was allegedly shared using platforms such as YouTube and encrypted messaging services.

Officials believe the case highlights a dangerous trend of highly educated professionals being radicalised and recruited into terror networks, using advanced digital tools to bypass conventional surveillance. Security agencies are now expanding the scope of the investigation to identify others who may have been part of the ghost SIM supply chain or digital communication network.

The probe remains ongoing, with central and state agencies working jointly to dismantle the infrastructure behind the encrypted communication and prevent future misuse of identity documents and digital platforms for terror-related activities.

Also Read: Stone pelting during religious procession in JJ Nagar leaves woman critically injured, tension grips area