With airlines having been getting a number of bomb threats for the past few days, the Indian intelligence agencies got into action and have found that the IP addresses from where the hoax calls were made originated from Germany and England, sources said on Thursday.
Following the identification of the locations of the IP addresses, the sources said, initial probe established that the threats were posted from three separate handles and two of them have been traced to common IP addresses in London and Germany.
Noting that the users deliberately used virtual private networks (VPNs) to conceal their identities, an intelligence source said, “Legal action has been initiated against those responsible for these false alarms.”
It is to be noted here that over 20 international and domestic flight operators received bomb threats earlier this week, as on Monday, three international flights of Indian carriers received bomb threats, another 10 airlines received similar threats on Tuesday and on Wednesday airlines received at least six such threats.
Meanwhile, on the basis of intelligence input as received, the sources said the government has suspended over half a dozen social media handles that issued hoax bomb threats. They said that the social media handles were “analysed” by a joint team of cyber, Bureau of Civil Aviation Security (BCAS) and intelligence agencies following the inputs received.
The sources said, around seven to eight social media handles, majority of them on X, have been suspended or blocked since Monday, when these hoax bomb and terror attack threats started coming to virtually all the airlines.
The intelligence agencies have also found some common lines and words used in these fake threats like “bombs”, “explosive devices”, “this is not a joke”, “blood will spread everywhere”, and “you will all die” and “bomb rakhwa dia hai” (Hindi for bomb has been placed).
The sources further said, that besides having cases registered about hoax calls, agencies have been directed to enhance ‘cyber patrolling’ on social media and the dark web to check such threats leading to grounding or diversion of the aircraft.
Intelligence agencies started scratching the online surface to find the primary email registration and geographical locations of these threat-issuing handles and some of which have been found to be from overseas locations like England and Germany, the sources said, adding that they first asked ‘X’ to share the IP addresses from where all the posts were generated and requested them to deactivate all the accounts.
All the information relating to these have also been shared with jurisdictional police departments, which are investigating the cases registered by them, the sources said.