Law enforcement arrests hundreds after compromising encrypted chat system

[Karlston]

Law enforcement arrests hundreds after compromising encrypted chat system

746 arrests were made in the UK alone

Photo by Jacob King/PA Images via Getty Images

The UK’s National Crime Agency (NCA) has made 746 arrests and dismantled dozens of organized crime groups after intercepting millions of encrypted text messages, BBC reports. The messages were sent through EncroChat, a subscription-based phone system popular among career criminals. The NCA said in a press conference on Thursday that the operation has had “the biggest impact on organized crime gangs it has ever seen.”

 

European law enforcement agencies appear to have been monitoring these conversations for months. French police first hacked the network, deploying a “technical device” to penetrate EncroChat communications after discovering that some of its servers were hosted in the country. Authorities first cracked EncroChat’s encryption code in March and began receiving data in April.

 

According to a Motherboard report, the cops accessed conversations, which the participants believed to be secure and private, around a wide variety of crimes, including drug operations and money-laundering schemes.

 

EncroChat sold customized Android handsets with GPS, camera, and microphone functionality removed. They were loaded with encrypted messaging apps as well as a secure secondary operating system (in addition to Android). The phones also came with a self-destruct feature that wiped the device if you entered a PIN.

 

The service had customers in 140 countries. While it was billed as a legitimate platform, anonymous sources told Motherboard that it was widely used among criminal groups, including drug trafficking organizations, cartels, and gangs, as well as hitmen and assassins.

 

EncroChat didn’t become aware that its devices had been breached until May after some users noticed that the wipe function wasn’t working. After trying and failing to restore the features and monitor the malware, EncroChat cut its SIM service and shut down the network, advising customers to dispose of their devices.

 

Police have warned that more arrests are coming.

 

“This is just the beginning,” said Dame Cressida Dick, the commissioner of London’s Metropolitan Police, at the conference. “We will be disrupting organised criminal networks as a result of these operations for weeks and months and possibly years to come.”

 

According to Motherboard’s sources, “the criminal world is in disarray,” with some users throwing away their phones, some going offline completely, and others attempting to flee their countries.

 

 

Law enforcement arrests hundreds after compromising encrypted chat system

 

[funkyy]

I saw the BBC News report tonight. Great result for the good guys. Guns and millions of pounds etc in criminal money seized.

We're gonna need a bigger prison!!!

[zanderthunder]

The fate of other security-centric customized Android phones such as Blackphone is still unknown tho.

[AZwaffelForAWaff]

So if police cracked EncroChat, can't they easily crack Signal and other E2E encrypted protocols?

[zanderthunder]

14 hours ago, AZwaffelForAWaff said:

So if police cracked EncroChat, can't they easily crack Signal and other E2E encrypted protocols?

 

The hacking of EncroChat is made possible by a "technical device", but what kind of "technical device" is not detailed yet or even disclosed by the police but I suspect it could be a "tampering device".

On 7/3/2020 at 4:59 AM, Karlston said:

French police first hacked the network, deploying a “technical device” to penetrate EncroChat communications after discovering that some of its servers were hosted in the country.

As for other E2E messaging protocols, it shouldn't be a major issue if the developers are diligent enough to detect any tampering, security leak or any security and privacy issues at all times. Besides, Signal uses Signal Protocol which has multiple-factor encryption system, and I don't think Signal is vulnerable though.