‘Dead Drop’: The covert email method Delhi blast suspects used to stay off the radar

Delhi Police sources say the accused were using a covert digital communication method long associated with espionage networks — ‘dead drop’ emails, a system designed to bypass surveillance and leave almost no trace.

How the ‘Dead Drop’ email system worked

Instead of sending messages, the suspects allegedly used a shared email account where instructions were typed and stored only as drafts.

Others accessed the same account, read the text, modified plans, or deleted drafts — all without a single email ever being transmitted.

As no messages were sent or received, the communication generated minimal metadata, making it extremely difficult for agencies to intercept or track.

Investigators say the method was used alongside Threema, Telegram, and other encrypted channels, forming a multi-layered digital shield meant to frustrate surveillance.

This advanced communication setup is one reason why officials suspect links to a Jaish-e-Mohammad-inspired module operating across Delhi, Faridabad, and parts of Uttar Pradesh.

Doctors at the centre of the module

The key accused — Dr Muzammil Shakeel, Dr Umar Nabi, and Dr Shaheed Saeed — reportedly knew each other offline and held multiple closed-door meetings inside Muzammil’s room at Al-Falah University.

Investigators believe discussions on planned explosions took place during these meetings.

Police suspect the group intended to carry out multiple attacks in Delhi, and the blast near Red Fort may have been triggered hastily after Muzammil and Saeed were arrested in the days leading up to November 10.

Delhi Police have confirmed that Umar Nabi was driving the Hyundai i20 that exploded near the Red Fort.

CCTV images and vehicle registration data place him near the blast site on Asaf Ali Road shortly before the explosion.

Following the arrest of his associates, Umar allegedly went underground — a move that investigators believe was coordinated through the same covert digital channels engineered to evade monitoring.

Explosives, weapons seized in raids

Earlier raids by Jammu and Kashmir Police revealed the scale of the alleged plot.

Officers recovered nearly 3,000 kg of explosives, bomb-making components, digital devices and triggering equipment, and a rifle and ammunition seized from Saeed’s vehicle.

These discoveries point to a large operational network and suggest planning far beyond a single blast.

Investigators mapping the wider network

Authorities are now working to trace the full extent of the module, including the suspects’ ties to external handlers, whether more students or associates were involved, how the dead-drop system integrated with the encrypted application, and whether support extended beyond the National Capital Region.

The probe is also reconstructing the timeline between Muzammil’s October 30 arrest and the November 10 blast, a period investigators believe holds critical clues about last-minute attempts to salvage the plot.

As agencies analyse devices, communication logs, and campus links, the “dead drop” method has emerged as one of the most significant indicators of the group’s sophistication — and a key challenge in tracing the full network behind the Red Fort explosion.