Cyber terror plot busted: Gujarat ATS detains Teen in ISIS-inspired Operation Sindoor Crackdown

The Gujarat Anti-Terrorism Squad (ATS) has detained an 18-year-old student from Nadiad for allegedly launching a cyber terror campaign targeting government websites across India, in what officials describe as a direct threat to national security.

The arrest comes as part of a nationwide surveillance and counterterrorism initiative dubbed Operation Sindoor, aimed at combating online radicalisation and cyberterrorism linked to terror organisations, including ISIS.

According to Gujarat ATS, the accused, identified as Jasim Shahnawaz Ansari, and other minors allegedly created and operated a Telegram channel named Anonsec, where they shared screenshots of successful Distributed Denial-of-Service (DDoS) attacks on various Indian government websites. These attacks reportedly coincided with Operation Sindoor, an Indian counterterror measure following the Pahalgam terror incident.

Officials said the group used open-source tools from GitHub and platforms such as Termux and Pydroid3 to execute the cyberattacks. The tools were repurposed to disrupt key websites belonging to India’s defence, finance, aviation, and urban development sectors, as well as state government portals.

The accused reportedly learned how to carry out these attacks by watching YouTube tutorials. Once successful, they would take screenshots via checkhost.net and post provocative, anti-India messages in their Telegram groups. Posts included captions like, “Hi, India, we just took down your financial shield and servers,” and “Several government sites of India has been touch by AnonSec..!”

A forensic investigation by FSL Gandhinagar confirmed the use of these tools and techniques. The accused had also renamed and created backup Telegram channels such as EXPLOITXSEC and ELITEXPLOIT to evade detection.

Between April and May 2025, more than 50 websites were targeted, ATS said, adding that the group’s online activity aimed to sow panic, disrupt governance, and undermine national security.

The ATS has booked Jasim Ansari and other juveniles in conflict with the law under sections 43 and 66(F) of the Information Technology Act, which pertains to cyber terrorism and unauthorised access. He was detained on May 19 at his residence in Laborgram, Mill Road, Nadiad.

Further investigations are ongoing to trace other members of the network and determine possible foreign affiliations. ATS sources said additional arrests may follow as the probe widens.