UK Police Crack Encrypted Messaging App, Arrest Over 700 Suspected Criminals

UK Police Crack Encrypted Messaging App, Arrest Over 700 Suspected Criminals
Image: Getty Images
Facebook may have decided that you shouldn’t see the news, but we think you deserve to be in the know with Gizmodo Australia’s reporting. To sign up for our daily newsletter covering the latest news, features and reviews, head HERE. For a running feed of all our stories, follow us on Twitter HERE. Or you can bookmark the Gizmodo Australia homepage to visit whenever you need a news fix.

A team of police forces across Europe has infiltrated an encrypted messaging app called Encrochat, leading to the arrests of more than 700 suspected criminals and the seizure of nearly $100 million in cash.

The international team, spearheaded by the United Kingdom’s National Crime Agency (NCA), has said it’s disrupted a number of criminal networks operating across Europe in its biggest operation to date.

The team said it had infiltrated Encrochat, which allegedly has 60,000 users worldwide and 10,000 in the UK specifically. It said the sole use for Encrochat is to communicate and organise the distribution of illegal drugs, money laundering operations as well as assassination attempts on rival groups.

The app is widely used on phones best described as modified Android devices, a Motherboard investigation revealed. The report also identified many of them were a BQ Aquaris X2 device — a 2018 phone released in Spain. The device comes with pre-loaded apps for instant messaging, the ability to make VOIP calls as well as a PIN that instantly wipes it of any data. GPS, camera, and microphone functionality is also removed. The NCA said each device would cost about £1,500 ($2,700) for a six-month contract.

The National Crime Agency monitored Encrochat communications for two months

Despite Encrochat’s promise of a secure service, the NCA said it had found a way in and had been monitoring millions of messages and images sent by criminal organisations on the app. According to Motherboard’s report, the NCA malware could hide itself on a device, record its screen lock password and clone data from the app.

Encrochat users alerted the encryption service to the possibility of an unseen malware infiltration after the instant wipe function stopped working. By June 13, Encrochat had become aware the NCA had infiltrated the app and urged its users to throw away their devices because it could no longer guarantee secure communications.

“Due to the level of sophistication of the attack and the malware code, we can no longer guarantee the security of your device,” Encrochat’s message to users said.

“You are advises [sic] to power off and physically dispose your device immediately.”

But by then, as we know, it was too late. The NCA’s team had been monitoring the service for at least two months.

Along with the 734 suspects arrested and £54 million ($97 million) seized, the NCA announced it had also captured firearms, drugs and luxury cars and watches.

“A dedicated team of over 500 NCA officers has been working on Operation Venetic night and day, and thousands more across policing. And it’s all been made possible because of superb work with our international partners,” Nikki Holland, the NCA’s Director of Investigations, said.

“Together we’ve protected the public by arresting middle-tier criminals and the kingpins, the so-called iconic untouchables who have evaded law enforcement for years, and now we have the evidence to prosecute them.

“The NCA plays a key role in international efforts to combat encrypted comms. I’d say to any criminal who uses an encrypted phone, you should be very, very worried.”