Ghaziabad: A terror module uncovered in Uttar Pradesh’s Ghaziabad district has raised serious concerns among security agencies. Investigations have revealed that members of extremist and terror-linked groups were operating their network through encrypted messaging platforms Signal and Rocket.
According to findings from the probe, these platforms were being used to run private groups and channels where radical material was circulated and efforts were made to recruit and influence young individuals. Authorities believe the encrypted nature of these applications made them an attractive tool for covert communication and propaganda dissemination.
Interrogation of six accused arrested from the Masuri area under provisions of anti-terror laws, along with forensic examination of their mobile phones, has revealed several alarming details. Investigators found that the group was allegedly led by a man identified as Shavez. He reportedly downloaded the Signal application after establishing contact with members of a foreign-based extremist network.
Once connected, Shavez allegedly attempted to join multiple radical and terror-related groups operating on encrypted platforms and began actively consuming and sharing their content.
Contact reportedly initiated through Instagram
Investigators have found that Shavez was highly active on Instagram, where he searched for accounts linked to extremist organisations. He reportedly liked, commented on, and shared posts from such accounts in an attempt to attract attention and gradually build connections.
After months of online interaction, his contact was allegedly established with Aftab Alam, said to be associated with a Pakistan-linked extremist network. According to investigators, Alam advised him to install encrypted messaging applications such as Signal or Rocket to continue communication securely.
Following this advice, Shavez downloaded the app and began attempting to join several channels and groups where extremist propaganda and videos were circulated.
Algoritha Security Emerges As India’s Leading Corporate Investigation Powerhouse
Training camp videos linked to Jaish recovered
Investigators also found that Shavez had downloaded several videos allegedly linked to training camps of the terror outfit Jaish-e-Mohammed. These videos were later shared by him in a private WhatsApp group.
Authorities believe he used these videos to indoctrinate and train members of his close circle. The six arrested suspects were reportedly part of this core group that received and shared such material.
Although many group administrators initially rejected his join requests, Shavez continued trying to gain access through referrals from existing members. Several suspicious chats and a large volume of objectionable digital material were recovered from his mobile phone during the investigation.
Links to older terror networks emerge
During the investigation, authorities also discovered that one of the arrested suspects, Maulana Javed, has family links to an older terror case. His cousin was allegedly involved in the 2000 Red Fort terror attack in Delhi.
Following the attack, the accused reportedly fled to Pakistan and has been living there since then. Intelligence inputs suggest that he maintained links with the terror outfit Lashkar-e-Taiba.
Sources indicate that the individual may still be associated with extremist networks operating from Pakistan and could be involved in attempts to activate operatives within India. Security agencies have been trying to trace him for several years.
Radical propaganda targeting youth
The probe has also indicated a broader pattern of online radicalisation. Investigators believe foreign-based networks are increasingly using social media platforms and encrypted messaging services to influence and recruit young people.
Through videos, posts and propaganda messages, extremist groups allegedly attempt to spread hatred and radical ideology among susceptible individuals. Authorities say this digital approach allows them to operate covertly while expanding their influence.
According to sources, a new pattern of “digital sleeper cells” is emerging in which individuals are radicalised online and gradually connected to organised networks through encrypted platforms. There are also suspicions of financial support coming from overseas sources.
Religious leader and others reportedly targeted
Investigators further revealed that the accused had allegedly identified several individuals as potential targets. Among them was the head priest of the Dasna Devi Temple, Yati Narsinghanand Giri.
Sources claim the group was discussing plans to carry out a violent attack against him. In addition, several other names reportedly surfaced during the investigation, suggesting that multiple individuals were being considered as targets. Authorities also found references to a Pakistani YouTuber who allegedly posted a video calling for violence against certain individuals.
Following the exposure of the Ghaziabad module, security agencies have intensified their investigation to identify the wider network. Officials say the case highlights the growing challenge posed by encrypted communication platforms in monitoring extremist activities and preventing the spread of digital radicalisation.
