Hackers using Pakistani software to compromise IRCTC Tatkal system
Railway Protection Force (RPF) sleuths from the South Western Railway (SWR) zone have busted a complex web of illegal operators and hackers who used Pakistani software to compromise the IRCTC Tatkal system to stealthily book reserved tickets, bypassing the Indian Railways as well as the banks OTP safeguards, an official said on Tuesday. "In September last year, intelligence agencies alerted on the use of illegal software for bypassing the IRCTC and bank security systems deployed in booking Tatkal tickets throughout India," said a railway zone official.
Following multiple raids after the alert, RPF officials arrested a person who provided a lead about the mastermind behind the illegal software used for booking the tickets in stealth, to charge oblivious customers up to five times the price of a normal railway ticket.
Incidentally, the arrested person had fled Bengaluru in October 2019 and was on the run since then, whose whereabouts have been traced to Kendrapara in Odisha.
"In January 2020, his whereabouts were tracked to Kendrapara in Odisha where he was arrested and brought to Bengaluru for further investigation by Bengaluru RPF team," the official said.
To the railway police officials' shock, the arrested person's investigation revealed that he was using Pakistani software of high-level hacking caliber, employing Linux-based systems to break into the applications of ISRO, Railways and other government organisations.
He was found to be using 3,000 bank accounts, Bitcoin and cryptocurrency links.
"He was further interrogated and the entire black market of 25,000 hackers and touts with a high command in India and abroad were detected," said the official.
Officials identified that hundreds of crores of rupees in black money generated from these activities was linked to several anti-national and criminal activities all over India and overseas.
"As a result of this activity, unauthorised tickets were booked and genuine passengers could not book e-tickets through IRCTC personal identities as within seconds of opening, the tickets would vanish as the gang was using powerful software," the official said.
As many as 25,000 hackers across the country were operating this racket with a well defined hierarchy in place, where touts would generate the demand for the tickets and bring it to the sellers.
Sellers in turn used the software to game the Railways' Tatkal system.
"These sellers in turn reported to panel developers who would give them access to the software on monthly charges. These panel developers would report to financial and technical administrators whose main job was to maintain the servers hosted in foreign countries," said the official.
Meanwhile, the illegal money generated was suspected to have been used in terror funding, making illegal documents for hostile foreign nations, and money laundering through cryptocurrency, among others.
Busting the nationwide racket involved top-level intervention at the level of RPF director-general, who personally coordinated through the DIG Railway Board.
As many as 100-panel developers and software sellers were arrested across the country while the officials have destroyed the seized software codes.
Due to the international ramifications of the case, higher authorities in the Railways have given assent for further investigation.
(With agency inputs)
