The Central Bureau of Investigation has taken over the probe against a syndicate that used an illegal railway e-ticketing software to make crores by facilitating faster multiple booking of e-tickets through hundreds of IRCTC accounts. Several persons were earlier arrested for their involvement.
The racket was unearthed after a team led by the Railway Protection Force (RPF) Post Commander in Yeshwantpur, South Western Railway, arrested one Hanumantharaju M, a resident of Bengaluru, on October 30, 2019, on a source information.
The team seized from the accused details about 37 IRCTC personal user IDs, 73 railway unused e-tickets worth over ₹1 lakh, 218 used e-tickets worth more than ₹3.41 lakh and 876 cancelled e-ticket transactions worth about ₹8.14 lakh.
A scrutiny of his phone led to the identification of one Gulam Mustafa who, along with his aides, allegedly provided keys to an illegal ANMS software to touts via WhatsApp on a monthly rent basis to facilitate faster e-bookings via IRCTC. The payments were received through at least five bank accounts, UPI services and three popular e-wallets.
Auto-filling of data
The illegal software provides facilities like auto-filling of details of passengers, trains, travel plans and bank accounts, and auto login on IRCTC, besides captcha and OTP bypass. This helped the touts get multiple times the normal speed of booking tickets using personal IDs.
Further probe led to the arrest of Mustafa, who is originally from Jharkhand’s Giridih, from Bengaluru on January 8 this year. Eight others were arrested later.
During interrogation, Mustafa purportedly disclosed that he had 563 personal user IDs of IRCTC and used them for booking e-tickets through the software.
The Post Commander, in his complaint to the Rajagopal Nagar police in Bengaluru City, where the case was initially registered this January, said Mustafa had never attended any school.
He studied at a ‘madrasa’ in Odisha’s Kendrapada from 2008 to 2013, after which he got married in 2015 and then shifted to Bengaluru along with his family. He got into touting at Peenya post office ticketing counter. In October 2017, he was registered as an IRCTC agent.
Meanwhile, in October 2015, Mustafa created a YouTube channel for earning by uploading videos on various issues, including money transfer and use of a software in railway ticket booking. He also circulated his phone number for people to contact him for assistance in handling of ANMS software. He started receiving customers.
The accused also gathered contact details of authorised IRCTC agents and marketed to them his software service.
The FIR said his mobile and g-mail location history indicated his movements around Bhatkal (North Karnataka) and Kendrapada, creating suspicion about his anti-social links as both the places were “infamous” for such activities.
Mobile phones seized
The team seized two mobile phones and a laptop from the accused, and also got details of 10 numbers. It found that his mobile phone was directly connected to the Railwire. He frequently visited government websites, raising suspicion that he was also into hacking.
It turned out that he learnt about new technologies, including those related to e-ticketing, through YouTube videos.
The investigators scrutinised his Google Drive, which allegedly had details about Pakistan-based darknet software, cryptocurrencies, fake Aadhaar and identity creation, YouTube downloads and recommendations about important Indian government websites and sensitive satellites like Catrosat of ISRO.
An excel sheet comprising details of 3,000 SBI and regional rural banks was also found. It is alleged that Mustafa used virtual private network and proxy servers to mask his location. He also used WhatsApp via a fake U.S. number to avoid detection. The accused also had a call-data analyser in his email account, besides details related to agencies like the Jammu and Kashmir Police, NTPC and Railways.
The probe team suspected that the illegal e-ticketing software was developed by one Hamid Ashraf, a resident of Basti in Uttar Pradesh, who was also allegedly involved in a bomb blast at a school in Gonda. A joint team of the CBI, Railway and the local police had arrested him in 2016. However, he was later released on bail, after which he is suspected to have fled to Dubai via Nepal.
