Delhi blast suspects used ‘dead drop’ email drafts to plan attacks, say sources

New Delhi: Investigators probing the 10 November Red Fort car blast have uncovered that the arrested suspects—three doctors linked to Al Falah University—used the covert ‘dead drop’ email technique to communicate, sources revealed. This method, often deployed by terror groups and spy networks, enables discreet exchange of information while leaving minimal digital traces.

At least 13 people were killed and nearly two dozen injured when a Hyundai i20 exploded near the Red Fort junction, triggering nationwide alarm and a massive counter-terror operation.

Doctors used shared email draft folder

According to sources, the key suspects—Dr Muzammil Shakeel, Dr Umar Mohammad, and Dr Shaheen Saeed—shared a single email account. Instead of sending messages, they would type plans and updates in the drafts folder. Others with access would log in, read the draft, add replies, or delete content as needed.

Because no emails were actually sent, conventional surveillance systems struggled to detect the exchange. The technique has long been associated with covert operatives seeking to avoid interception.

Encrypted apps also part of communication web

Investigators also discovered that the group used a mix of encrypted and relatively untraceable digital platforms, including Threema, Telegram, and other secure apps. These channels reportedly helped them coordinate logistics, share instructions, and maintain secrecy while operating in Delhi-NCR.

Sources believe the messaging pattern indicates a deliberate effort to mirror the communication methods used by Pakistan-based Jaish-e-Mohammad (JeM), with whom the suspects are suspected to have ties.

Umar was the i20 driver, confirm officials

Officials have confirmed that Dr Umar Mohammad was behind the wheel of the i20 that exploded near the Red Fort. His body was identified using DNA samples matched with his mother.

Investigators suspect he may have detonated the device prematurely or in panic after learning that his associates were being tracked or detained. The remaining two doctors were arrested shortly before the blast by Jammu and Kashmir Police, who had already begun dismantling the Faridabad-based module.

Massive explosives haul points to larger plot

Raids conducted at properties rented by the suspects near Delhi yielded:

• Nearly 3,000 kg of explosives and precursor chemicals
• Bomb-making material
• A rifle and ammunition recovered from Shaheen Saeed’s car

Sources earlier stated that the three had been holding secret planning meetings inside Muzammil’s room at Al Falah University. Investigators believe they were preparing for additional coordinated blasts in the capital before the module was exposed.

Investigators piecing together digital footprint

With the unravelling of the dead drop email technique, agencies are now reconstructing the suspects’ communication trail to determine:

• Possible handlers based abroad
• Whether additional modules were operating alongside them
• The extent to which JeM cadres influenced their radicalisation
• The timeline of planning leading up to the 10 November blast

Digital forensics specialists are analysing devices, cloud accounts, draft logs, and network patterns to produce a comprehensive sequence of events.

Conclusion

The discovery of the dead drop email system has provided investigators with significant insight into the group’s operational methods. As agencies continue to connect the dots, the probe appears to be widening, indicating that the Delhi blast may have been part of a much larger and coordinated terror conspiracy.