Who Are ‘Terrorizers 111’? Inside Dark Web Network Terrorising India With Bomb Threats

The group "Terrorizers 111" has targeted schools and public institutions, causing disruptions. Tracing the threats is difficult due to Tor's encryption, prompting joint investigations and digital forensics analysis.

By : PTI | Updated at : 30 Oct 2025 10:19 PM (IST)

Terrorizers 111 Inside Dark Web Network Terrorising India With Bomb Threats Who Are ‘Terrorizers 111’? Inside Dark Web Network Terrorising India With Bomb Threats

Indian law enforcement faces challenges as cybercriminals exploit the Tor browser, initially designed for online privacy, to send anonymous bomb threats.

Source : ABPLIVE AI

New Delhi, Oct 30 (PTI) The "Tor browser", a tool originally developed by the United States government to ensure online privacy and anonymity, has now emerged as a major challenge for Indian law enforcement agencies as cybercriminals increasingly exploit it to send bomb threats, an official said on Thursday.

The browser, which conceals a user's identity by routing their internet activity through multiple layers of encryption and servers worldwide, has been used repeatedly in recent months by a group calling itself "Terrorizers 111", he said.

Tor, also used by journalists and activists for privacy and protection from surveillance, is now becoming a weapon in the hands of cyber criminals, a senior police officer said.

The group has allegedly sent multiple email threats since August this year to schools, universities and public institutions across several cities, triggering widespread panic and large-scale security checks, he said.

While most of these threats have turned out to be hoaxes, authorities say the disruptions they cause are significant, forcing evacuations, bomb squad deployments, and massive resource mobilisation.

"The challenge with these emails is that they are routed through the Tor network, making it extremely difficult to trace the original sender," the officer said.

Each message travels through several anonymous relays spread across different countries, hiding the true IP address and location of the sender, he added.

The Delhi Police has been working jointly to trace the source of the threats. Digital forensics teams are analysing technical footprints left behind in the emails, including metadata, language patterns, and possible links to previous incidents, the officer added.

Authorities suspect that at least some of these threats may have originated from outside India, using virtual private networks (VPNs) and encrypted email services in combination with the Tor browser.

Officials also said that "Terrorizers 111" appears to follow patterns seen in earlier cases where pranksters used dark web tools to create panic and test security responses.

(Disclaimer: This report has been published as part of the auto-generated syndicate wire feed. Apart from the headline, no editing has been done in the copy by ABP Live.)