
Criminal networks smashed after using “secure” chat app secretly run by cops

Graham CLULEY

June 07, 2021


The Australian Federal Police (AFP) has revealed that it was able to decrypt and snoop on the private messages sent via a supposedly secure messaging app used by criminals… because the app was actually the brainchild of the FBI.

At a press conference, AFP commissioner Reece Kershaw described how the idea of “AN0M” – a backdoored messaging app – was dreamt up by members of the FBI and AFP over a few beers after the shutdown in 2018 of “Phantom Secure,” an encrypted phone network used by criminals and drug cartels.

Keen to fill the vacuum left by the dismantlement of “Phantom Secure,” the FBI secretly ran the “AN0M” service, sharing criminals’ supposedly secret communications in real-time with AFP officers, and other law enforcement agencies around the world.

224 people have been arrested in Australia in what has been dubbed “Operation Ironside,” and 3.7 tonnes of drugs, 104 weapons, AU $44.9 million (US $34.75 million) in cash, as well as millions of dollars of other assets such as luxury cars have been seized.

In addition, Australian police say that they have acted on 20 threats to kill.

Many more arrests are expected domestically and internationally – and all because the criminals were using a communications service that they believed was secure, but was in fact run by the cops.

AN0M ran on modified smartphones sold on the black market, stripped of normal functions like email or the ability to even make a phone call, and which required owners to pay a subscription.

Ironically, those subscription fees were actually destined to go into the coffers of the police force that would ultimately arrest those using the devices.

Sneakily, police encouraged informants to seed the app into the criminal underworld, before it was adopted by drug lords who unwittingly acted as “influencers,” giving the app legitimacy and encouraging other criminals to adopt it for communications.

Rather than promoting its secretly-backdoored app, the AN0M website now declares that it has been seized by the authorities and invites users to enter their contact details if they think their account might be linked to an ongoing investigation (!):

This domain has been seized

Law enforcement has been monitoring messages and attachments from the ANØM platform. A number of investigations have been initiated and are ongoing. To determine if your account is associated with an ongoing investigation, please enter any device details below:

I wonder how many people will be keen to do that…

According to AFP commissioner Reece Kershaw, “We were able to see every handset that was handed out and attribute it to individuals… The use of encrypted apps represents significant challenges. AN0M gave us insights we never had before.”

Of course, AN0M is just one of many apps claiming to offer secure end-to-end encrypted messaging. There are other more widely-used and more mainstream apps that provide a similar service for anyone – criminal or otherwise – to communicate securely.

The arrests undertaken by the Australian police, which are likely to be replicated by other agencies around the world, will no doubt give some pause to consider whether the secure messaging app they are using really is as secure as they think it is.
