KOCHI: The recently arrested members of the Islamic State (IS) module in South India were using a sophisticated encrypted email app - Tutanota - to keep their messages invisible to the security agencies. The National Investigation Agency (NIA) officials said they have traced several mails sent through Tutanota while examining the mobile/tablet of the nabbed persons. According to the officials, Tutanota is owned by a German startup currently have more than 2 million users.
The name Tutanota derives from Latin and it means ‘secure message’. “Unlike other emails like Gmail and Yahoo, Tutanota is end-to-end encrypted, preventing access to the mail by a third party, including the email authorities. Only the sender and receiver can access the email,” the official said. While the email is sent through Tutanota, its recipients receive a notification with a link to a temporary Tutanota account. The notification provides the password sent by the sender and the mail cannot be accessed without entering that password.
The NIA has found that the accused were also directed to use secure mails like Hushmail and ProtonMail, though the most preferred medium was Tutanota. Some of the members were directed to use secure browsers and avoid browsing in open browsers like Google Chrome. Similarly, the group also used Telegram - another encrypted app with zero access to security agencies. The group was also using multiple SIM cards to prevent agencies from mounting the trace job. The IS module in Hyderabad was also using the Tutanota. NIA officials said they were looking to access the emails with the assistance of cyber experts.