French and Dutch police have boasted of infiltrating and killing off encrypted chat service EncroChat, alleging it was used by organised crime gangs to plot murders, sell drugs, launder criminal profits and more.
The encrypted chat platform is alleged by British, French and Dutch law enforcement agencies to have been used by around 60,000 people in total – many of whom, it is alleged, were members of organised crime gangs using the network to plan their crimes.
"Since 2017, the French gendarmerie and judicial authorities have been investigating phones that used the secured communication tool EncroChat, after discovering that the phones were regularly found in operations against organised crime groups and that the company was operating from servers in France," said EU law enforcement coordination body Eurojust in a statement.
This is what £1.4m looks like... as hauled in by the East Midlands Special Operations Unit. Pic credit: National Crime Agency
In May, police in France, assisted by the Netherlands' cops, infiltrated EncroChat's core network – and in mid-June the operator pulled the plug, having realised the game was up. Users were urged to throw away their handsets.
EncroChat was a reseller of encrypted phones as well as a mobile network operator – potentially an MVNO, if Motherboard's description of its operations is accurate. Its handsets, said to be BQ Aquaris X2 Android units running two OSes side by side – one innocent, one with privacy features enabled – had a custom messaging app which routed messages through a central server.
The phones also had a panic button feature, where entering a certain PIN to the unlock screen would wipe the device. Handsets were said to cost around £1,500 for a six-month contract.
The takedown of the network has been a poorly disguised secret, with Northern Irish suspects reportedly being arrested last week after data from EncroChat's servers was shared around European police forces. Various media reported a fortnight ago that EncroChat's operators pulled the plug after realising the entire product had been compromised by police agencies.
"The data was in first instance shared with the Netherlands. Eurojust facilitated the creation of a joint investigation team (JIT) between the two countries and with the participation of Europol, the European Union Agency for Law Enforcement Cooperation, in April 2020," said Eurojust, which tantalisingly mentioned that Dutch police had access to an "encrypted data stream".
This latter phrase could be read as suggesting that EncroChat's encryption had been broken, though official sources have, perhaps understandably, been very coy about what exactly was done to compromise EncroChat's systems. More should emerge during criminal trials in the coming weeks and months.
After French and Dutch police broke into EncroChat, British police were permitted to use their findings, meaning UK police forces were then able to kick down doors and make arrests. The National Crime Agency (NCA) claims a total of 746 arrests and the seizure of two tonnes of drugs, 77 assorted firearms and £54m in cash – so far – as a result of the EncroChat intelligence.
"The NCA created the technology and specialist data exploitation capabilities required to process the EncroChat data, and help identify and locate offenders by analysing millions of messages and hundreds of thousands of images," said the UK agency in a statement about its Operation Venetic.
There is no evidence in the public domain so far to support British police claims that all 10,000 of EncroChat's UK users were criminals. Such devices are of interest to legitimate users (journalists, lawyers, academics, domestic and foreign political campaigners – to name just a few) as well as criminals, though the UK state is notably hostile to the idea of encrypted comms that its agents can't read whenever they feel like it. ®