Indian Railways 

Subversion of IRCTC online Ticket Booking system helped touts book tickets

Rail News
Mumbai: The multi-crore ticket touting scam busted by Central Railway’s Railway Protection Force (RPF) unit and the commercial department has unearthed another disturbing truth about the large-scale subversion of the Indian Railway Catering and Tourism Corporation’s (IRCTC) online ticket booking system.

The RPF’s interrogation of scam kingpin Kulbir Singh, who made the automation software that was helping touts corner most of the seats on IRCTC’s website, has revealed that a couple of websites (names withheld for the sake of domain name privacy to protect original IRCTC website) were using the IRCTC acronym, mirroring the IRCTC’s booking process, and allowing touts to corner tickets much faster than any bonafide passenger could manage.

When tried out the sites, one of them didn’t open whereas the other was functional. The functional one actually advertises itself as the one-stop solution for people wanting to book tickets on IRCTC with a promise “to help you win the tatkal competition 100% free”.

Alok Bohra, Senior Divisional Security Commissioner, RPF, Central Railway, confirmed to media the development and said an official letter to the IRCTC had been dispatched about this. “It’s their duty to block these sites so that bonafide passengers are not put at a disadvantage by these touts,” Bohra said.

Sunil Kumar, Group General Manager (Information Technology), IRCTC, said the sites were unauthorised and that action would be taken against them.

RPF officials, meanwhile, have also written to Google for details of the various e-mail IDs held by the 12 arrested touts so that more transactions and ticketing details could be ferreted out of them.

“It’s just not enough that we arrest touts and recover tickets from them. It is necessary that the IRCTC website is strengthened against such automation software. The IT department of IRCTC should come down heavily on such websites so that thousands of passengers logging on to the IRCTC website are not cheated. Unless this case is taken to its logical conclusion, the recovery of crores of rupees will be of no value to the bonafide passenger,” said a senior railway official.

The scale of the scam can be gauged from the fact that the recovery of tickets as well as their value is more than all the tickets confiscated by the RPF unit of CR between January and September this year — 2,865 tickets worth Rs.83.65 lakh. The recovery in the speed software touting scam so far has crossed 4,000 tickets with a total value of more than Rs.2 crore.

You’re asking about how unauthorised agents—often called touts—exploited subversions of IRCTC’s Tatkal booking system to book tickets illegally. Here’s what has been verified:

🕵️ How Touts Subverted IRCTC’s Booking System

1. Use of Illegal Booking Software

Agents and tech-savvy touts used pirated software such as Nexus, Big Boss, Sikka V2, Red‑Mirchi, Real‑Mango, and NASA Tatkal Software to automate Tatkal bookings. These bypass IRCTC’s booking protocols by auto-filling passenger details and even circumvent captchas.
In a major seizure, the Railway Protection Force (RPF) found 42 such illegal software used nationwide to book confirmed tickets, including Rajdhani and other premier trains.

One infamous case involved a CBI assistant programmer, Ajay Garg, and others who developed software that could “subvert” the ticketing system—enabling agents to secure bulk Tatkal bookings with one click. This led to arrests in December 2025.

2. Fake Accounts & Bots

Touts created hundreds of robot-generated IRCTC accounts using disposable emails and mobile numbers. One bust in Surat revealed 973 such accounts, generating over 650 Tatkal tickets and earning lakhs in profit.

From January to May 2025, IRCTC logged over 2.9 lakh suspicious PNRs made within five minutes of booking windows, leading to deactivation of over 2.5 crore user IDs linked to malpractice.

📉 Impact on Genuine Users

  • Tickets vanish within seconds on many routes—users have reported booking failures within minutes at ticket-release time. One Reddit user noted repeated WL status within 2–3 minutes, despite booking on the ticket opening day.
  • Discussions on Reddit consistently highlight how bots and extensions lead to faster bookings and let agents monopolize availability, severely disadvantaging manual users.

🛡️ Railways’ Countermeasures

Anti-Bot Systems & AI Monitoring

In June 2025, IRCTC completed a system overhaul with anti-bot safeguards, AI-powered detection, and integration with a Content Delivery Network (CDN). These steps reduced unauthorized automated bookings—especially in the critical first minutes of Tatkal windows.

Mass Deactivations & Regulations

  • Over 2.5 crore IDs were deactivated for suspicious behavior.
  • IRCTC now enforces account limits: one ID per mobile/email, and limits on monthly bookings—unless Aadhaar-verified.

RPF Operations

Under “Operation Thunder,” nearly 380 touts involved in illegal ticket selling were arrested. The RPF regularly audited agents, PRS counters, platforms, and online content to catch misuse.

✅ Summary Table

Issue What Happened
Illegal software/bots Touts used automation tools to book large volumes quickly (often bypassing captcha)
Fake/multiple accounts Hundreds of disposable accounts created to increase booking chances
Real-user disadvantage Genuine users often found WL/Book Not Available within seconds
Crackdown measures RPF and IRCTC banned rogue software and blocked millions of suspicious IDs
Technical safeguards Anti-bot, AI-based detection, Aadhaar-based limits now in place

🧭 Final Thoughts

Touts were exploiting IRCTC’s Tatkal booking system using unauthorized software and fake accounts—often booking within seconds and selling tickets at a premium. IRCTC and RPF have since launched large-scale crackdowns, deploying AI/anti-bot systems, deactivating millions of accounts, and enhancing regulation to restore booking fairness.

Rail News

Indian Railway News Portal

error: