Evidence suggests Encrochat is working with the NSA and other authorities

Ford Nickelson
5 min read · Mar 27, 2016


We were recently contacted by a whistle-blower regarding the EncroChat® device, which is currently being marketed as the world's most secure handset and is being sold in locations worldwide (mostly Europe, it seems).

The whistle-blower, who appears to be somehow involved with Encrochat (as they are known now), is part of Super Lock Tight, which is the PGP supply name of the main company that sits above EncroChat®.

This whistle-blower stated that one of the largest PGP providers, Super Lock Tight, based in Canada, had actively been working with the NSA and FBI, largely due to warrants being issued to them demanding access to their Canadian and Amsterdam based servers. The whistle-blower did state that they were unable to get access to other servers located in Malaysia and Romania.

The details we received clearly stated that, after warrants were served on the main owner, identified only as Geoff Green, the authorities gained access to his company's servers. This allowed them to pull stored messages directly from the servers, but also PGP keys and OTR accounts, collected for future use (most likely to be used if they can pair them to an individual user).

As this is predominantly a Canadian based business, labelled in the papers as MYNTEX and subject to the laws of Canada, which in turn works closely with the American authorities, it is a safe bet to say there may be a lot of truth in the statements made.

We already know of the vulnerability in the PGP address book. This means that not only are the authorities now able to intercept BlackBerry messages using PGP encryption, but if you have been or are a subscriber to this PGP provider's network then your data is exposed. Worst of all, this can effectively expose previous emails you have sent that still remain on the server, or allow the authorities to intercept your communications, exposing not only the individual but also the network you are associated with.

Other PGP providers have now started blocking Encrochat mail addresses due to their tactics in moving customers from the Super Lock Tight brand over to the Android device called EncroChat®.

The documents detail that Encrochat was put together to give the company the ability to retain customers from the Super Lock Tight PGP core and move them onto OTR. We do agree that OTR is the safest replacement for the PGP network that BlackBerry devices have destroyed. Crypto phones are big business, so to see Encrochat effectively damaging their own reputation and then rising from the ashes as a new Android based business is, on one hand, smart; on the other hand, it makes you think that if this is run by the same company and the same man in Canada, then of course Encrochat is exposed to the same tactics that ended Super Lock Tight.

After receiving this information we did some research on Encrochat. They use an Android device with a custom built operating system (the handset model is the 1+1) and have removed hardware elements from the device itself. But, similar to what the BlackPhone tried to do, this device has a second operating system (OS) built in, which is a standard Android platform. This is to give clients the ability to switch between the two operating systems, albeit the BlackPhone had four profiles to switch between. The idea behind this is deniability: someone turning on the device thinks it is a standard smartphone, but holding down the volume-down button and the power button loads the encrypted OS.

With most people now having to use multiple devices to switch between business and pleasure, while keeping their data and communications private is still a priority, ask yourself: can a device really be two things and not leak data? (Especially with malware and key-logging software out there.)

Wi-Fi, as we already know, is a way into the device itself. Using the Wi-Fi, the CIA as of this moment can install a program on your device that periodically takes screenshots of your activities and sends them home, all without your knowledge or consent; check out FinFisher for more information on this.

Our expert opinion, after purchasing one of the devices and testing it with our own IT forensic team, is that we cannot back up the claims that Encrochat have made regarding Cellebrite being unable to decrypt this device. We contacted Cellebrite directly regarding this statement and were told by Leeor Ben-Peretz, Director of Mobile Forensics at Cellebrite:

“Encrochat has been on our radar recently after being approached by the NFI to decrypt and extract data from the device, we can say we successfully gathered integral data from the Android device which will help the NFI in their on-going investigations”

Cellebrite never went into detail on how they managed to extract the data, but we believe a data dump was part of it, as our own team managed to crack that at least.

The thing is, Encrochat put substance behind Cellebrite in their attempt to devalue PGP and move clients from BlackBerry onto their own device. You can find Encrochat agreeing that the NFI used Cellebrite to extract data from a BlackBerry handset, and now that this has propelled Cellebrite into the mainstream, they use its name to market their own device.

It is already well known that you cannot have Wi-Fi on a device, regardless of what encryption protocol you are using, if you really want to be secure, as this is a way into the device itself that allows malware or key loggers onto it. If that happens, who really needs your passwords when you are effectively giving “them” what they need directly? When you then add in the fact that the device has two operating systems, you can start to appreciate that this device, like most others that claim to be the “most secure device in the world”, is really just another perception of security that has been commercialized to the masses.

Encrochat spend a considerable amount of money on marketing the product, especially in their fight with Ennetcom, which doesn't look to be ending anytime soon. They are right to make people aware that PGP on BlackBerry devices is no longer safe and that OTR is the natural replacement, but OTR is only as strong as the device its integr
