IRCTC Tatkal Rail Tickets Scam Exposed – Booking 100 tickets with just one click!

You wait for the clock to tick the time of tatkal bookings, keeping ready all the details and documents required for authentications. You see there are 200 seats available for Tatkal and feel relieved that your sudden travel plans will not be disturbed.

As the clock rings at the tatkal time, you hurry up and as you reach your transaction, you find out that the tatkal tickets have been all filled up. Maybe it was the poor internet connection.

So, next day you go to the railway station few hours before the tatkal timings just to make sure that you are the first one in the queue. You find few people already standing in the queue and you are the third one and thinking that it won’t take much time to book, you wait.

As the tatkal bookings start and your turn comes up, you find out it’s all filled up, yet again. You wonder how? This will answer your how!

The Tatkal quota tickets begin one day prior to the date of journey, where AC booking starts from 10 AM and non-AC booking starts from 11 AM. A normal user has to fill in all the details, complete the authentication through captcha and process the transaction.

The minimum required time to complete the procedure is around 120 seconds, provided good internet connection. Here comes a twist in the plot. Hundreds of tatkal bookings with a single click – magic? no, just some trickery in the binary world.

IRCTC Tatkal Rail Tickets Scam exploit

An ex-employee of IRCTC had exploited ticket booking system vulnerability and created a software which could easily bypass ticket booking procedure and book hundreds of tickets at just one click of a mouse.

CBI has come to notice about this software scam and has caught the victims. The indirect victims who used this software are under investigation. What this software does is, it fills in all the details beforehand. As the clock ticks the tatkal time, it starts booking all the tickets.

Once logged in to IRCTC account, in a single login only one ticket can be booked. This process eats up the time when it comes to multiple bookings. To overcome this procedure, the software uses US-based proxy servers which are able to create hundreds of fake accounts of IRCTC. Also, this software is able to bypass captcha, OTP, and other multiple steps, thus reducing a lot of time.

The scammer works for CBI

The man behind the software, Ajay Garg worked with IRCTC between 2007 and 2011. He joined the CBI in 2012. His incurred knowledge while working with IRCTC along with resources of CBI helped him device such software.

Anil Gupta, his accomplice, helped him to market the software. He used to sell the software to various travel agents. The money from these travel agents who used this software to book the tickets was collected in bitcoins, a cryptocurrency that is trending worldwide.

In addition to the cost of the software, Garg was able to keep track of the tickets booked by the travel agents and maintained the record. He charged them on every ticket. And this way the travel agents paid the recurring payment for the tool.

This mastermind used the combination of Indian and foreign servers, online masking and cryptocurrency to play his racket.

This CBI techie’s software was able to book hundreds of tatkal tickets in a matter of seconds. The man along with his accomplice has been arrested for the scam by the Central Bureau of Investigation.

Ajay Garg’s family has also been arrested for using illegal transactions using bitcoins and other means like hawala. About 10 agents, seven from Jaunpur and three from Mumbai have been identified in this bitcoin chain.

As per the officials of Railways, generated tickets did not incur a financial loss to the Railways as the tickets that were generated with the help of the software turned out to be genuine. The real loss was incurred by the genuine users of IRCTC whose only aid to their urgent bookings for sudden plans was the Tatkal tickets.

The discovery of the scam has also exposed the vulnerabilities of IRCTC and how the system can be tricked. It is, therefore, a necessity to have a secure channel during such reservations to avoid such disasters in future.

Now we know how the tatkal seats get filled up so easily!

Source: HT