The Largest Criminal Backdoor: Meet Dark Wire


One of my favourite films when I was younger was The Sting, in which con men create "the wire" scam and set up a phoney betting shop in order to trick a criminal into making a bet that he will lose. Well, if you replace the phoney betting shop with encrypted phones, you have the largest sting ever conducted: The Dark Wire.

The Dark Wire

Encryption can be of great benefit to our society. It basically secures our Internet: our connections are protected from snooping, and we can trust the sites we connect to. But it can also be used for bad things and by bad people. And so law enforcement has always had a problem with encryption, especially in detecting the passing of messages between criminals. So imagine if law enforcement agencies could actually listen to virtually every single message that drug trafficking and money laundering gangs send. Well, it actually happened with the cracking of encrypted phones, and it is outlined in a new book — Dark Wire.

It all started with the arrest of a drug trafficker and the gaining of access to his Phantom Secure BlackBerry device. The company that ran the Phantom Secure service not only encrypted messages with its own encryption key, but could also remotely wipe the device. At the time, these phones were used by many gangs around the world, including the Sinaloa drug cartel. When the phone was seized, law enforcement agents immediately enclosed it in a Faraday bag so that it could not receive a remote wipe command. Unbelievably, the drug trafficker had not changed the default password on the phone, so the agents instantly gained access to a treasure trove of information on his activities and contacts.

Phantom Secure

In 2016, the FBI eventually arrested the CEO of Phantom Secure — Vince Ramos — who then pleaded guilty to actively selling encrypted phones to criminal gangs, typically for use in drug trafficking. Over $80m was eventually seized from the company.

Basically, Phantom Secure integrated Pretty Good Privacy (PGP) into the BlackBerry Messenger service, which ran on BlackBerry devices (and which were extremely popular at the time). They also disabled the microphone, camera and GPS features, and messages were routed through specialised servers in countries where it was difficult for law enforcement to gain access. While it is not illegal to sell encrypted phones, prosecutors were able to show that the company actively supported the sale of the devices to criminal gangs.

The FBI were then able to take over Phantom Secure’s servers, which caused a wave of their customers — over 7,000 at the time — to move to the Sky Global platform on Android.

Both Sky Global and Phantom Secure were based in Vancouver in Canada.

Sky Global provided the Sky ECC service for encrypted messages on modified Nokia, Google, Apple and BlackBerry phones. The ECC part of the name came from its use of Elliptic-Curve Cryptography. As with Phantom Secure’s phones, the service disabled microphones, cameras and GPS, and it provided a kill switch: if the phone was not contactable for 48 hours, all of its messages were deleted. While Phantom Secure focused on BlackBerry devices, Sky Global also supported Android and iPhone devices.

On the shutdown of Phantom Secure, the FBI also saw criminals move to Encrochat. Encrochat had originally been set up to give celebrities unhackable phones — at a time when media organisations were regularly caught hacking into celebrity phones. Rather than just adding an encrypted messaging service, it used its own secure operating system: EncroChat OS.

At the time, the FBI did not have access to Sky Global or Encrochat, and so dreamed up a plan of setting up their own encrypted messaging system and moving traffickers onto that service. But they first had to get users to move to a new platform. As part of this, in March 2021, the CEO of Sky Global — Jean-Francois Eap — was arrested over the use of the company’s phones by drug traffickers. The defence for Eap outlined:

“What has happened here is the equivalent of the government seizing Apple.com because drug dealers use iPhone encryption features to communicate with each other.”

ANOM: The Sting

Eventually, French police managed to close down Encrochat. The shutdown of Sky Global and Encrochat was a plan to move drug traffickers away from the network and towards a service that the FBI controlled: ANOM.

Basically, ANOM used Arcane OS, which was derived from the open-source Graphene OS. This ran on Google Pixel phones and gives strong control over the security of the device. In order to promote the device, the developers created interesting features, such as opening the Calculator app and entering a PIN to gain access to the hidden Wickr app for encrypted messages. Entering a different PIN into the calculator would wipe the phone. While law enforcement would eventually discover these features, they were all part of the marketing of the phone within criminal gangs.

For the sting, the FBI worked with Australian law enforcement, but they also needed a country in Europe so that they could listen to messages outside the US. For this, Lithuania joined the backdoored network as the third country, and the Trojan Shield operation was set up. With a backdoor in ANOM, the messages flowed into Lithuania and were then echoed on to the FBI. In some cases, the FBI allowed crimes to proceed, as they could gain more insight into gang links, but in other cases they fed the information to law enforcement agencies around the world so that there might be some intervention (especially where there were cases of potential violence and killing involved). In the end, the monitoring generated over 60 charts mapping criminal gangs.

The ANOM device supported pixelation of photos, scrambled voices and secure wiping, but the backdoor echoed the unpixelated versions of photos and the unscrambled voices, and it made sure that all the messages were echoed to the Lithuanian servers (which then forwarded everything to the FBI). Along with this, Arcane OS supported GPS tracking and attached GPS coordinates to every message, while, as far as users could see, GPS could not even be enabled on the device.


Well, I will leave it there, but if you want a copy of the book, try here.

Conclusions

The backdoor in ANOM carried many ethical challenges, especially over whether law enforcement should sit back and allow criminal activities — especially those related to killings — to happen without intervening. These days, criminal gangs have moved to E2E (end-to-end encryption) platforms such as Signal, WhatsApp and Viber.


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.