Law enforcement agencies in Europe recently cracked an instant messaging system used by organized crime before the ensuing police operation ultimately led to the arrests of more than 800 suspected criminals, mostly in the United Kingdom. The service, dubbed EncroChat, was used by 60,000 people worldwide to manage their criminal enterprises.
EncroChat’s operating system operated on specially customized Android phones that could switch between both systems. The encrypted communication platform included features such as VoIP calls and self-destructing messages that would delete themselves from the user’s device after a certain time period elapsed, as well as a panic wipe feature, which would wipe the device clean of any data after a four-digit code was entered. The service sold these devices for £900 (US$1,120) a pop with an additional £1,350 (US$1,680) charged for a six-month subscription.
According to Motherboard, the breakthrough was achieved by the French authorities, which were able to penetrate the EncroChat network and install a technical tool that allowed European law agencies to read over a hundred million encrypted messages that were being sent through the service in real-time.
Once the service realized that the jig was up and it had been compromised, it alerted its users on June 13th, telling them to ditch their devices. But apparently this warning came too late, as the law enforcement swooped to arrest hundreds of criminals in the UK, France, the Netherlands, Norway, and Sweden.
“The infiltration of this command and control communication platform for the UK’s criminal marketplace is like having an inside person in every top organized crime group in the country,” said Nikki Holland, Director of Investigations of the UK's National Crime Agency.
In what is considered one of the UK’s most significant law enforcement operations ever, the NCA, Regional Organized Crime Units and police forces arrested 746 suspects and seized over £54 million (some US$67 million) in cash gained from illicit activities, as well as firearms, drugs, and high-end cars and luxury watches.
Meanwhile, France and the Netherlands have conducted separate operations and while France didn’t want to comment on ongoing investigations, their Dutch colleagues have arrested more than 100 suspects. “The expectation is that information will be made available in more than 300 investigations. In a number of cases, more arrests are very likely to follow in the coming period,” reads the press release by Europol, the EU’s law enforcement agency.
ESET security specialist Jake Moore, who used to work as a computer forensics examiner for the UK police, applauded what he called “a significant win against criminals”, but went on to warn that we haven’t seen the end of encrypted criminal communications. “Once a service such as EncroChat is shut down, it is quite normal to see another similar service crop up. This can be with the added benefits of an even more underground service that has learnt from its predecessor’s mistakes.”
Nevertheless, he ended his statement on a more positive note: “However, UK cyber-intelligence in the likes of GCHQ are closing the gap on criminal gangs that have had a head start, and it is likely we will start to see more good news stories on the disruption of more crime.”