42 bomb-making videos, Turkey-based handlers: Inside the Delhi terror module
Investigators probing the Red Fort blast-linked terror module have uncovered a sophisticated network of encrypted communications, bomb-making tutorials, and links to earlier attacks in Karnataka and Tamil Nadu, according to The Indian Express.
Security agencies have traced at least 42 bomb-making videos allegedly sent by one of the module’s three suspected foreign handlers to arrested doctor Muzammil Ahmad Ganai, who worked at Faridabad’s Al Falah Medical College. Ganai was in close contact with Umar Nabi, the suicide attacker who triggered the explosion near the Red Fort.
Three foreign handlers under scrutiny
Investigators have identified the handlers only through their aliases — “Hanzullah,” “Nisar,” and “Ukasa.” Authorities believe they guided the Delhi module by providing technical know-how and instructions for assembling the explosives.
“Hanzullah,” the handler believed to have sent the instructional videos, was in regular contact with Ganai, who allegedly stored explosives for the module. Ganai’s arrest led police to recover more than 2,500 kg of explosive material, including 350 kg of ammonium nitrate, from his home.
Key handler linked to multiple southern blasts
Another suspected handler, Mohammed Shahid Faisal, known online as “Colonel,” “Laptop Bhai,” and “Bhai,” has emerged as a key link. On the radar of security agencies since 2020, Faisal has been connected to multiple attacks:
- Coimbatore suicide car blast (2022)
- Mangaluru autorickshaw blast (2022)
- Bengaluru Rameshwaram Cafe blast (2024)
A Bengaluru engineering graduate, Faisal vanished in 2012 after an alleged LeT-linked plot was exposed. He reportedly escaped to Pakistan and later shifted to the Turkey–Syria border region, where his digital footprint reappeared during the NIA’s probe into the Rameshwaram Cafe blast.
One of the handlers in the Delhi module, “Ukasa,” is also believed to be based in Turkey — raising suspicion of overlapping command structures.
Striking parallels with Coimbatore blast
The Red Fort explosion bears similarities to the 2022 Coimbatore suicide blast, where mechanical engineer Jamesha Mubin (28) died when a Maruti 800 packed with explosives detonated outside a temple.
Investigators recovered chemicals including potassium nitrate and PETN, along with DIY bomb-making guides shared via encrypted apps. Mubin had recorded self-confession videos and extracted ammonium nitrate from commercial fertilisers — techniques mirrored in the Delhi module.
Pattern across multiple states points to common handlers
According to The Indian Express, modules operating in Tamil Nadu, Karnataka, Delhi, Padgah and Pune followed a similar blueprint:
- Online radicalisation
- Remote handlers
- DIY explosive assembly
- Encrypted communications
- No physical contact between module members
The NIA identified Faisal as a key handler after arrests in the Rameshwaram Cafe case. Court documents say he radicalised and recruited youth for the Islamic State and coordinated logistics, including cryptocurrency transfers and bomb-making videos.
Encrypted platforms under the scanner
The modules relied heavily on Signal, Session and Telegram for exchanging sensitive content, investigators said. After the November 10 Delhi blast, agencies questioned several IS-linked prisoners in Karnataka and Tamil Nadu to identify the handlers tied to the Red Fort attack.
For all the latest updates, download PGurus App.
- Delhi court rejects bail for Luthra brothers linked to Goa nightclub fire - December 11, 2025
- Indian Coast Guard seizes Pakistani boat, detains 11 for illegal entry into Indian waters - December 11, 2025
- Donald Trump aims for one million deportations as DHS acquires aircraft fleet - December 11, 2025
