The car blast near Delhi’s Red Fort on November 10, which killed 15 people, has once again highlighted how encrypted communication tools have become central to modern terrorist operations. Investigations reveal that the accused used a combination of Telegram, Signal, Threema, and Session to coordinate with handlers abroad. These apps were originally designed to protect user privacy. However, because of their strong encryption and anonymity features, they have increasingly become preferred tools for terrorist organisations, radical networks, and criminals. Among them, Threema has been used consistently. A source said: Unlike conventional messaging platforms, Threema does not require a phone number or email ID for registration, making it extremely difficult to trace the users. Investigators suspect that the accused doctors set up a private Threema server to communicate securely and avoid detection.
So, let’s break down how these apps were used, why they are difficult to trace, and what the Indian government is doing to counter such misuse. What happened: Terrorists used multiple encrypted apps According to interrogation details cited by media outlets, the accused confessed that they relied heavily on encrypted messaging platforms for communication. Four apps came into focus: The Turkey connection A Times of India report states that four terrorists linked to Jaish-e-Mohammed and Ansar Ghazwat-ul-Hind travelled to Turkey in 2022. There, initial conversations with their handler began on Telegram.
But as the group moved closer to operational planning, they intentionally shifted to Signal and Session, which offer stronger privacy and anonymity features. Why Terrorists shifted from Telegram → Signal → Session→Threema Stage 1: Telegram for initial contact Telegram is a popular app with millions of users and large public communities. For extremists, this means: Stage 2: Signal for sensitive conversations Signal uses the world-renowned Signal Protocol for encryption. It ensures: Stage 3: Session for maximum anonymity Session is more extreme in privacy: Stage 4: Threema — Swiss privacy Threema is a Swiss-based private messenger with strong privacy controls. How these apps make tracking difficult Investigators face challenges due to end-to-end encryption. Messages can be seen only by the sender receiver. Even the companies cannot access the message content. Session and Signal store almost nothing about: Why these apps are attractive (high-level reasons) Normal apps are built around identity, convenience, and trust, while privacy-focused apps are built to minimise surveillance and maximise anonymity. Apps the Indian government has banned over terror-linked misuse To counter the use of digital platforms by extremists, the Indian government has banned several apps over security concerns. These bans were primarily based on intelligence assessments suggesting: The ongoing migration pattern Terrorist groups and lone actors have repeatedly moved their communications and propaganda onto messaging apps that offer strong privacy, anonymity, ease of mass dissemination, and low friction. The pattern over the last decade has been a cat-and-mouse dynamic. When one platform increases moderation or faces legal action, extremist activity shifts to alternative services. As those platforms begin imposing their own safeguards, the activity scatters yet again.
Addressing this recurring cycle requires careful, multi-layered policies that protect public safety while also preserving legitimate privacy rights and the vital role encrypted communication plays for journalists, activists, and civil society.
The post appeared first on .
The post appeared first on .
