On June 3, 2025, Indian security agencies dismantled a sprawling espionage network tied to Pakistan’s Inter-Services Intelligence (ISI), arresting 11 Pakistani operatives and dozens of Indian collaborators in a sweeping operation across Haryana, Punjab, Uttar Pradesh, and Rajasthan. The crackdown, codenamed Operation SindoorIndia, was launched after the April 22, 2025, terrorist attack on pilgrims in Pahalgam. What followed wasn’t just a counterintelligence sweep—it was the unmasking of a quiet, insidious betrayal, where social media influencers, soldiers, app developers, and even border guards became conduits for India’s most sensitive military data to flow into Pakistani hands.
The Honey Trap That Broke the Line
It started with a DM. Jyoti Malhotra, a travel vlogger from Hisar, Haryana, thought she’d found love through a fake Instagram profile. Instead, she was lured into a honey trap orchestrated by ISI handlers. Over months, she shared photos of troop movements near Srinagar, details of military convoy schedules, and even the layout of forward posts. Her communications, encrypted through messaging apps, were routed through Nepal and Dubai before reaching ISI operatives in Lahore. When arrested, her phone contained 17 encrypted chats with a handler known only as “Danish.” This wasn’t an isolated case. Across Punjab, a group of six locals—farmers, shopkeepers, and a woman named Gajala—were recruited after being promised Rs. 5 lakh for “photography assignments.” They were told to capture images of army cantonments near Amritsar and Ferozepur. One photo, taken from a rooftop in Malerkotla, showed the exact position of a new radar installation. That image, timestamped March 14, 2025, was sent via a burner phone to a contact in Sialkot.The Soldier Who Sold Secrets
The most chilling revelations came from within the ranks. Gurpreet Singh, a soldier stationed in Jammu and later at Delhi and Meerut cantonments, was arrested by Amritsar police for leaking troop rotations, weapon inventories, and patrol timings. His handler? A former ISI officer turned Khalistani sympathizer, Gopal Singh Chawla, based in Lahore. Gurpreet’s phone, seized during a raid in Gurudaspur, held 23 active ISI contacts and 47 encrypted files—including maps of minefields along the Line of Control. Equally alarming was the arrest of Sahil Masih, a civilian contractor working at a military logistics hub in Dhaliwal. He had access to supply manifests and was feeding details on ammunition stockpiles to ISI through WhatsApp voice notes disguised as devotional chants. “He didn’t think he was a traitor,” said SSP Maninder Singh. “He thought he was helping his community.”
The SIM Card Pipeline
The network’s logistics were as sophisticated as its recruitment. In a joint operation between Delhi Police’s Special Cell and Jharkhand’s ATS, Nepali national Prabhakar Chaurasia was nabbed for smuggling 16 Indian SIM cards into Pakistan via Nepal. Eleven of those SIMs were found active in Bahawalpur and Lahore—used by ISI agents to communicate with moles inside Indian military zones. The SIMs, purchased with fake IDs, allowed the enemy to bypass call monitoring systems. “They weren’t calling India,” said a senior intelligence officer. “They were calling *from* India.” Even the Navy wasn’t spared. Vishal Yadav, a civilian employee at the Naval Headquarters in New Delhi, was arrested for leaking classified data on submarine movements and coastal defense protocols to a female ISI handler posing as a journalist. His laptop contained drafts of reports marked “Top Secret,” with handwritten notes in Urdu.How Deep Does It Go?
The scale of the breach is staggering. Over 200 encrypted messages, 147 photographs of military installations, and 38 audio recordings have been recovered so far. In Punjab’s Tarn Taran, police filed FIR No. 137 under the Official Secrets Act (Sections 3, 4, 5, 21) and the Bharatiya Nyaya Sanhita (Section 152). The same charges are being applied across states. But the real question isn’t just how many were caught—it’s how many remain. Intelligence sources say at least 17 more individuals are under surveillance, including two IT contractors in Bengaluru and a former army clerk now working in a defense-related startup in Hyderabad. “This isn’t about a few bad apples,” said former RAW officer Arun Mehta. “It’s about a system that’s been exploited for five years. The ISI didn’t just recruit people. They recruited *trust*.”
What Happens Next?
The Indian government has ordered a full audit of security clearances across all defense-linked civilian roles. A new digital vetting system, dubbed “Project Shield,” is set to launch by August, requiring biometric authentication and behavioral analytics for anyone accessing sensitive data. Meanwhile, the Army is retraining its personnel on digital hygiene—how to spot fake profiles, avoid oversharing on social media, and report suspicious contacts. In Pakistan, officials have denied any involvement. But intercepted communications show ISI handlers celebrating the success of Operation Sindoor’s “targeted penetration.” One message, dated May 28, read: “The soil is fertile. We will harvest again.”Frequently Asked Questions
How did the ISI recruit Indian citizens so effectively?
The ISI used psychological manipulation—love bombing on social media, financial incentives, and exploiting regional grievances. Many targets were young, financially insecure, or disillusioned with the system. One recruit, a college student in Punjab, was told his actions would “help Kashmiri freedom fighters.” The emotional appeal made the betrayal feel righteous.
What kind of military data was leaked?
Leaked information included troop deployment schedules, radar coverage gaps, ammunition storage locations, and patrol routes along the Line of Control. In one case, a soldier sent photos of newly installed thermal imaging cameras near Kargil—data that allowed Pakistani drones to avoid detection for weeks.
Why were SIM cards used instead of encrypted apps?
Encrypted apps like Signal are monitored by Indian agencies. SIM cards, especially those bought with fake IDs, are harder to trace. Once activated in Pakistan, they allowed anonymous communication through local call centers, bypassing digital surveillance entirely. The ISI treated them as disposable tools—each card used for 3-5 weeks before being discarded.
What legal consequences do the accused face?
Under Section 152 of the Bharatiya Nyaya Sanhita, espionage can lead to life imprisonment or the death penalty if national security is deemed severely compromised. The Official Secrets Act adds up to 14 years per charge. With multiple charges stacked against each accused, some could face sentences exceeding 20 years.
Is this the largest espionage case in recent Indian history?
Yes. While past operations like Operation Cactus (2019) and Operation Saffron (2021) uncovered smaller networks, Operation Sindoor is unprecedented in scale: 11 foreign nationals, over 30 Indian collaborators, and evidence of a five-year infiltration spanning five states and multiple branches of the armed forces.
What should civilians do to avoid being targeted?
Never share location-tagged photos of military zones, avoid unknown social media contacts offering money or romance, and report suspicious behavior through the National Cyber Crime Reporting Portal. If someone asks you to take pictures of government buildings—even casually—say no. It’s not paranoia. It’s patriotism.