FBI got to the pockets of criminal gangs by selling them messaging app


ANOM secure messaging app: Approximately 9,000 officers deployed in 48 hours to over 700 locations in 16 countries across the United States, Europe, and Oceania. Over 800 criminals arrested, including kingpins, and as much as $48 million in cash and crypto, 250 firearms and 32 tons of drugs seized. More than 50 illegal drug labs dismantled, along with one of the leading ones in Germany.

“The results are staggering,” FBI Assistant Director Calvin Shivers commented on the sting operation Trojan Shield. However, the multinational raid was only made possible by law enforcement’s inventive honeypot for criminals, a supposedly “secure” messaging app called ANOM.

 


Exploiting the High Demand

At the kickoff of the operation in 2018, the FBI took down Phantom Secure. What used to be the most popular communication service within the global criminal community needed a replacement. Meanwhile, police already had existing distribution networks at their disposal.

Criminals were encouraged to use specific phone devices which were touted as trustworthy by criminals for their limited camera, microphone, and GPS functionalities. Moreover, the single preinstalled messaging app (ANOM) was truly encrypted and exchanged data via proxy servers. There was no indication that it was a trojan horse.

In reality, the phone’s traffic was distributed through police servers as well. The authorities had access to a “private” decryption key included in every message sent via ANOM. That gave them the full capability to monitor raw criminal conversations about drug businesses, money laundering or murder plans.

In March this year, an anonymous online user named “canyouguess67” published a blog named “ANOM EXPOSED”. The author raised concerns about the number of IP addresses based in Five Eyes countries that the traffic was running through. After public disclosure of the operation, the author took the blog down.

Taking Matters in Their Own Hands

Encrypted messaging apps have been a thorn in the side of law enforcement for some time. Besides their positive value as a secure platform for private communications, they also provide cover for various criminal and terrorist activities.

Security agencies’ search for unintended bugs and implementation of designed backdoors in communication software is notorious. However, exploiting the whole supply chain by tricking criminals into using phones containing a police-run app is a rarity.

“The success of Operation Trojan Shield is a result of tremendous innovation, dedication and unprecedented international collaboration” – FBI Assistant Director Calvin Shivers

Hiding under the guise of a distributor of secure devices and apps seems like an innovative, directed effort by the authorities. The infiltration of illicit syndicates is not a new or sophisticated investigative tool, but it does remain the most effective one.

 
