skip to content
Trending
Advertisement
Premium
This is an archive article published on April 9, 2024

Bengaluru Rameshwaram Cafe blast: Probe looks at crypto trail to identify financiers of terror attack

Abdul Matheen Taha, one of the accused wanted in the Rameshwaram Cafe blast case, allegedly used the cryptocurrency route to avoid detection.

6 min read
  • facebook
  • twitter
  • whatsapp
  • Reddit
Bengaluru Rameshwaram Cafe BlastThe Rameshwaram cafe in Bengaluru’s Whitefield area reopened a week after the blast. (Express Photo)

The National Investigation Agency, which is investigating the March 1, 2024, blast at The Rameshwaram Cafe in Bengaluru and has identified the main perpetrators as two missing members of an ISIS module from Shivamogga, is taking a close look at the funding of the operation that led to the blast, especially cryptocurrency transactions.

The agency has so far found from CCTV footage and investigations that two ISIS members who emerged on the radar of security agencies in 2020, Musavir Hussain Shazib, 30, and his associate Abdul Matheen Taha, 30, carried out the blast, with Shazib identified as the planter of the IED. The duo are yet to be traced and arrested.

The NIA has also named two more people as the accused in the case. One of them, Maaz Muneer Ahmed, 26, was in prison at the time of the incident. The other accused is Muzammil Shareef, 30, who was arrested by the NIA on March 27 for providing logistics like cell phones, fake SIM cards and other materials that were used to plan and execute the blast.

Story continues below this ad

The investigation has so far found that Abdul Matheen Taha used the cryptocurrency route to finance the operation as part of efforts to avoid detection. It has found that Taha used various conduits, including stolen identities and the IDs of people recruited for the ISIS cause in different parts of India, to transfer cryptocurrency to Muzammil Shareef to arrange logistics for the March 1 cafe blast.

Less than R 1 lakh received by Muzammil Shareef

Sources said that less than Rs 1 lakh was received by Shareef through the cryptocurrency route to finance the blast preparations and execution. He is alleged to have organised materials including SIM cards and phones under fake identities. The NIA held Shareef in custody first till April 3 and then from April 6 to April 10.

Over the past week the NIA has questioned a BJP worker and a former childhood friend of Taha from Shivamogga over cryptocurrency transactions involving his username. “They told me that my crypto username has been used for some transactions with an exchange by Matheen (Taha). They asked me about the transactions. They have carried out an illegal transaction with the username,” the BJP worker, Sai Prasad, told the media after he was interrogated by the NIA over the use of his ID in crypto transfers by Taha.

The BJP worker has claimed that his credentials were stolen and used by Taha, who had been a friend till 2020, when he disappeared from Shivamogga after being linked to an ISIS recruitment plot spread across Tamil Nadu and Karnataka. A mobile phone that was previously used by the BJP worker was allegedly used by Shareef.

Story continues below this ad

Multiple agencies probing crypto transactions

Multiple agencies are also probing the role in the crypto transactions and provision of other logistics of an ISIS operative from Maharashtra who was arrested in February 2024 for radicalising and recruiting youths in the region.

The main perpetrators of the cafe blast, Musavir Hussain Shazib and Abdul Matheen Taha, who are suspected to have left the country, are now reported to have been in India from March 2023, living in Maharashtra, Karnataka and Kerala, before setting up base in Chennai in late January 2024 to carry out the cafe blast on March 1.

On March 7, the duo were alleged to have vacated the rented boarding facilities they had occupied in Chennai (through February) before disappearing. Investigators are looking at the various places the duo took shelter in the last year and have quizzed people suspected to have provided logistical support in many places.

Links to Islamic State Khorasan Province

The investigations of the activities of the Shivamogga ISIS module has revealed that it has linkages to other Islamic State Khorasan Province modules unearthed in India over the last year with the handler allegedly based in Afghanistan.

Story continues below this ad

Previous investigations of the financing of the Shivamogga module had revealed that the group, consisting of several young engineers and IT-savvy youths, was adept at using cryptocurrency routes for funds. The Enforcement Directorate launched an investigation on March 18 into the crypto financing received by members of the Shivamogga ISIS module.

Prior to the Bengaluru cafe blast, the Shivamogga ISIS module is reported to have received over Rs 3 lakh in cryptocurrency between 2020 and 2022 from handlers based abroad.

Don't Miss | ‘This is our answer to the IED blast’: Founders of Bengaluru’s Rameshwaram Cafe on reopening

According to the NIA’s investigation of the Shivamogga module, an online handler identified as “Colonel” provided funds to the accused members of the module “in cryptocurrency to crypto wallets of the accused and their friends to further the activities of IS”.

“The bank statements and other documents collected by the investigating officer clearly go to show that accused No.2 (Maaz Muneer) received cryptocurrencies through crypto wallets of accused No.4 (Reeshan Shaikh), witnesses Shadab, Mohamed Riyaz, Tabish Tabarak Sheikh and others,” the NIA reported to a special court for terror cases in late 2023.

Story continues below this ad

One of the accused in the Shivamogga ISIS module case, Arafath Ali, who was deported from Kenya in September 2023 “was paid by an online handler in the form of cryptocurrencies for furthering the activities of Islamic State, an outlawed terrorist organization. The data is being collected from concerned crypto platforms”, the NIA said in court earlier this year.

Stay updated with the latest - Click here to follow us on Instagram

© The Indian Express Pvt Ltd
Latest Comment
Post Comment
Read Comments
Advertisement

You May Like

Express shorts
Ukrainian President Volodymyr Zelenskyy and US President Donald Trump
‘No going into NATO’: Trump to Zelenskyy ahead of meeting in Washington
World1 hr ago

US President Donald Trump, in a sharp rebuke of Volodymyr Zelenskyy, told the Ukrainian leader that Kyiv must abandon its aspirations of joining NATO, aligning with Moscow’s long-pressed demand. He pushed Zelenskyy to accept a peace deal, suggesting that he could end the ongoing war with Russia “almost immediately” if the concessions were made.

View all shorts
Live Blog
Top Stories
It is likely to cause an upheaval among online gaming companies, ranging from fantasy sports and real gaming platforms, which have previously complained of the 28 per cent GST levied on them
BusinessGST restructure plan: In new regime, online gaming likely to be placed in top bracket
Sunjay Kapur's sister Mandhira called Karisma Kapoor a very good mother who is looking out for children Samaira and Kiaan's best interests.
Entertainment'Karisma Kapoor is a very good mother': Ex-husband Sunjay Kapur's sister says actor 'looking out for kids' amid family battle over Rs 30,000 cr fortune
Sam ALtman on Nikhil Kamath's podcast
Trending‘India is most enthusiastic to transform with AI’: Sam Altman on Nikhil Kamath’s podcast; urges 25-year-olds to…
Shubman Gill is unlikely to make the India Asia Cup 2025 squad with selectors backing Abhishek Sharma and Sanju Samson. (BCCI/AP)
SportsShubman Gill unlikely for Asia Cup T20I with selectors keen on status quo ahead of Tuesday selection meeting
Planning the next leap forward
OpinionPlanning the next leap forward
Advertisement
Edition
search
Install the Express App for
a better experience
Featured
Today's E-paper
Aug 18, 2025
Trending Topics
News
Multimedia
Follow Us