Hundreds Arrested After Cops Dismantle Encrypted Phone Network

Written by

Law enforcement has arrested 746 people in the UK after cracking an encrypted phone network used for criminal activities. The UK National Crime Agency had been working with international partners to crack the EncroChat network since 2016, it revealed today.

EncroChat was one of the largest providers of encrypted mobile communications via its secure mobile phone network, operating from servers in France. It also offered an instant messaging service, the NCA said. It had 60,000 users worldwide, 10,000 of whom were in the UK. They used the network for trading illicit commodities, laundering money and planning hits on rivals, it added.

The service used its own specialist devices, costing around €1000 each. It would then charge €1500 for a six-month subscription offering worldwide coverage. Devices didn't require users to associate a SIM card with their account, and they used a dual operating system with an encrypted interface designed to avoid detection.

The company also removed cameras, microphones, GPS capability and USB ports from its hardware and enabled criminals to delete messages on the devices. It could also wipe them entirely from afar with a kill code.

Each message sent via the device used a different set of keys, according to EncroChat’s website, which said: “If any given key is ever compromised, it will never result in the compromise of previously transmitted messages – or even passive observation of future messages.”

That did not stop police from cracking the system, though. Law enforcement said that EncroChat realized its network had been compromised and warned its users to throw away their handsets on June 13.

It is not yet clear how police managed that decryption, and the French aren’t divulging any information, according to Europol. One clue might lie in EncroChat’s apparent decision to put together its own encryption, which cryptography experts always warn against. Its website said:

“The algorithms employed are many times stronger than that of PGP (RSA+AES). We employ algorithms from different families of mathematics, which protects message content in the event that one encryption algorithm is ever solved.”

French police began investigating the encrypted communication service in 2017 after finding the handsets cropping up repeatedly in criminal seizures. It filed a case with Eurojust, the EU Agency for Criminal Justice Cooperation, in 2019. In April this year, Eurojust set up a joint investigation team comprising French and Dutch police, with support from other countries including the UK, Sweden and Norway.

The French, which also set up its own task force in March this year, led the investigation into EncroChat’s encryption. It was eventually able to insert a device somewhere in the communication chain to access criminal correspondence.

The JIT got access to the network two months ago, harvesting data and sharing it via Europol. UK police used this data to plan Operation Venetic, an attack on the UK organized crime network.

“Operation Venetic is the biggest and most significant operation of its kind in the UK,” the NCA said.

Working with local police, the NCA seized over ₤54m in raids on EncroChat users, along with 77 firearms and two tons of class A and B drugs.

What’s hot on Infosecurity Magazine?