
Railway e-ticketing scammer exposes security flaws in IRCTC's system

He also challenged the DG to shut other illegal software that is being sold in the market following the closure of ANMS.


Hamid Ashraf, the mastermind behind the recent railway e-ticketing scam, sent a message to the Director-General of Railway Protection Force (RPF) listing out 25 things that allegedly exposed IRCTC's security system. Arun Kumar, DG of RPF, has confirmed receiving the message. The validity of the message is now being investigated. 

Ashraf, who is being hunted by IB, NIA, and RAW, wrote that ANMS (the illegal railway e-ticketing software) will be closed forever on January 25, 2020. He also described the security loopholes in the IRCTC portal, adding that unlike Facebook and Google, IRCTC does not have its own security system. He also challenged the DG to shut other illegal software that is being sold in the market following the closure of ANMS.

The mastermind also advised the DG to fix IRCTC's security system so that the general public gets tickets easily. Detailing the measures to be taken, he suggested allowing just one IP address for a user ID, along with anti-dumping methods to prevent smartphone apps from being cracked. He also said that port scanning systems can prevent bad traffic to the website.

Hamid also instructed the IRCTC to build its own security system and write its own code for Centre for Railway Information Systems (CRIS) to prevent other software from working, thereby stopping illegal creation of e-tickets.

The message also said that the railway system is quite old, which they will understand after 10 years.

He said that he had alerted CRIS about the shortcomings of IRCTC several times, but not much attention was given. Ultimately, he admitted his mistake and said he will not tamper with the railway software again.

The e-ticketing racket was busted by the RPF on January 21 and is said to have its roots in Dubai, Pakistan, and Bangladesh. It is suspected to have generated revenue of Rs 10-15 crore per month, according to Kumar.

The kingpin of the scam, Hamid Ashraf, is a software developer and is alleged to be involved in the bombing of a Gonda school in 2019.
