The Financial Action Task Force has revealed a chilling new detail in its latest report: parts used in the deadly 2019 Pulwama terror attack were purchased through a mainstream e-commerce platform. The international watchdog now warns that terrorist groups are using modern digital tools—everything from PayPal to VPNs—to fund and execute operations with alarming ease.
Pulwama Plot Used Online Platforms to Source Explosives
One of India’s deadliest terror attacks, the Pulwama bombing in February 2019 that killed 40 CRPF jawans, has resurfaced in global headlines. But this time, the conversation isn’t just about the perpetrators—it’s about how they got their hands on the tools.
According to the FATF report, a key ingredient in the IED used in Pulwama—aluminium powder—was bought online. Not from the dark web or some shady forum, but reportedly via a widely used e-commerce site.
The revelation has stunned many in India’s counter-terror circles, although investigators had suspected digital transactions even back then. The report confirms what was feared: logistics of the attack had an online trail.
And that trail, FATF says, must be taken seriously.
Global Watchdog Raises the Alarm
FATF’s July 2025 report on global terror finance risks paints a grim picture of how fast things are changing. Gone are the days when terrorist networks relied only on hawala, gold smuggling, or courier-based funding. Now, digital wallets and e-commerce carts are doing the job.
The report states clearly: “Terrorist actors are exploiting online financial systems—including legitimate e-commerce platforms and encrypted payment apps—to raise, move, and store funds with increasing sophistication and anonymity.”
The Pulwama attack was just one of several case studies. Another involved the 2022 Gorakhnath Temple attacker, who used PayPal to send money and VPNs to cover his tracks while communicating with ISIS-linked handlers.
It’s not just a tech issue anymore—it’s national security.
How the Pulwama Attack Was Orchestrated Online
In the Pulwama case, the investigation traced procurement of aluminium powder—a common material but also a potent one in explosives manufacturing—to an e-commerce site. That detail alone signals a shift in how terror cells operate.
A few more pieces of the logistics puzzle were also online-driven:
-
SIM cards were obtained using fake IDs via online vendors
-
Explosive components were bought in small batches to avoid detection
-
Some payments were made using digital wallets tied to unverified or foreign phone numbers
Nineteen individuals were eventually charged under UAPA, including seven foreign nationals. These arrests led to the recovery of several hideouts, vehicles, and money trails, many of which were tied to digital platforms.
Just one sentence from the FATF report sums it up best: “The Pulwama case exposed a sophisticated layering of physical and digital logistics that bypassed traditional surveillance mechanisms.”
Growing Use of Fintech by Global Terror Networks
This isn’t an India-only problem. FATF’s global findings show terrorist organizations worldwide are going cashless and contactless.
One disturbing trend the report outlines is the use of crypto-funded e-commerce accounts. In several incidents from Europe and the Middle East, terror groups were found laundering money through online resellers.
Here’s a snapshot from the FATF’s recent analysis:
| Terror Incident | Country | Digital Element Used | Platform Involved |
|---|---|---|---|
| Pulwama IED Attack | India | E-commerce transaction | Amazon (as per Indian probe) |
| Gorakhnath Stabbing | India | VPN + PayPal | PayPal |
| Paris Knife Attack | France | Prepaid Crypto Cards | Binance, LocalBitcoins |
| Hamas Tunnel Funding | Palestine | Online donations | Telegram Channels |
The table makes it painfully clear: physical borders don’t limit terror funding anymore.
Regulatory Vacuum and Surveillance Gaps
The FATF report also criticizes the lag in regulation. While financial technologies are evolving at breakneck speed, laws governing them—especially internationally—are sluggish.
Many fintech companies, particularly in the crypto and peer-to-peer space, don’t require rigorous KYC (Know Your Customer) checks in some jurisdictions. That’s a red flag, the report says.
One FATF analyst, quoted anonymously, said: “There’s an urgent need for governments to treat digital financial infrastructure like airports—they’re being used as transit hubs for dangerous cargo.”
Even in India, enforcement agencies have struggled to keep pace. Investigators involved in the Pulwama probe said that tracking down the seller of the aluminium powder was far harder than it should have been, given how unregulated some vendor accounts were.
India’s Response Still Evolving
India has ramped up its digital surveillance and anti-terror protocols since Pulwama and the Gorakhnath incident. But gaps remain.
A 2023 amendment to India’s Prevention of Money Laundering Act (PMLA) brought e-commerce companies and digital wallets under reporting requirements for suspicious transactions. However, enforcing this across thousands of vendors and platforms remains a logistical nightmare.
One senior official from the Ministry of Home Affairs told reporters off record, “You block one app, they jump to another. You ban a crypto exchange, they move to a Telegram bot.”
The Centre is now reportedly working with FATF and Interpol to create a shared global database of “digital red flags”—IP addresses, wallet IDs, and vendor names that have surfaced in past terror financing probes.
Still, the challenge ahead is mammoth.
E-Commerce Giants on the Radar
FATF hasn’t named Amazon or PayPal directly in its report, but Indian probes into Pulwama and Gorakhnath have highlighted these platforms.
Amazon said it complies with all Indian regulations and cooperates fully with law enforcement. PayPal issued a similar statement after the Gorakhnath revelations, saying it had “zero tolerance” for misuse of its systems.
But critics say self-regulation isn’t enough. Cybersecurity expert Pukhraj Sharma told India Today: “The internet is a global bazaar—but it also needs a global cop. Right now, we don’t have one.”
That might change, as FATF’s findings are likely to push more countries to force tighter compliance on digital platforms, especially those handling payments.
But the stakes couldn’t be higher—because next time, the purchase may not just be aluminium powder.
