The story starts with Mark (for legal reasons we're not using his real name). He's an alleged UK-based drug dealer who uses Encrochat, an encrypted phone network. Takes security seriously, uses codenames and these devices https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
But something was going down. Police kept arresting Mark's associates. Police also arrested criminals spread throughout Europe. A drug raid here, a shipment stopped there. In text messages we obtained, Mark saw police uptick, wondered what was happening https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
In fact, the thing that pulled all of these arrests together was Encrochat. Authorities had penetrated the network, and deployed a technical tool in what appears to be a mass hack of Encrochat users. Thing that originally protected criminals exposed them https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
We obtained documents that include some of those Encrochat messages because alleged criminals. The detail is staggering. Entire allegedly criminal operations laid out step-by-step. https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
Don't just take the police's word for it. We've been speaking to Encrochat users, those in the crime world about the impact of this apparent mass hacking operation against a phone network used by organized crime

"People are fucked" https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
More context on the devices: this isn't something you typically buy from an ordinary phone shop. You meet a reseller for a street deal to buy the phone, according to a former user https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
The Encrochat devices themselves are modified BQ Aquarius X2s, a 2018 Android handset https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
Encrochat was particularly popular in Europe with criminals. As we've reported before, other companies include MPC, which was created by top-level drug traffickers. Phantom, which started as a legit company but later catered to criminals, sold to Sinaloa https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
A hitman used Encrochat devices. So did drug gangs around Europe. A current inmate who said they previously used Encrochat said the phones became the industry standard https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
Move to May, and Encrochat receives messages from some users. The wipe feature of their phone wasn't working. This is supposed to remove user data from the device by entering a PIN. Maybe it was just user mistake https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
This wasn't a mistake though. Encrochat associate said they examined one of the X2 devices with the issue, and found malware. The phone had been hacked https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
This malware could disable the screen lock, wipe feature, clone application data, etc https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
Encrochat pushed a patch to fix the issue, but shortly after, the hackers struck back, this time with seemingly more potent malware. They were escalating https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
French authorities wouldn't go into detail on this malware/hack, but said it deployed a "technical tool." Dutch added this was done before messages were encrypted so they could be read https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
But it was too late. The hackers, who were French authorities, already had an incredible amount of data from Encrochat users. We obtained copies of some of those actual messages. Included photos of the drugs, family. Full compromise of criminal networks https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
As said, it is really hard to overstate just how big of a deal this operation is. As the arrests happened around Europe, criminal underworld sources told me that people were trying to flee, unsure of what phones to use. Comms cut. Drugs up in price. https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
For more context on the encrypted phone industry, here is another investigation we published last year, revealing that MPC was created by two on-the-run drug kingpins known as The Brothers. MPC also orchestrated assassination of a crime blogger https://www.vice.com/en_us/article/wjwbmm/inside-the-phone-company-secretly-run-by-drug-traffickers
Beyond the huge impact to organized crime, there are also questions on the law enforcement operation itself. French authorities said this move was legal, and it may be. But it does appear to be a mass hack, at scale, of tens of thousands of Android devices https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
Here are just some of the images coming from various law enforcement agencies on what they seized/found. Pill mills, cash, weapons, cars, obviously drugs https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
When we reached out to Encrochat for comment, an associate told us via email that they were closing the encrypted phone network entirely. Encrochat is dead now. https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
Alleged criminal sources continue to contact me: they've been around a long time, but seen nothing like this.
This quote I think encapsulates how widespread these phones were in organized crime. The person we obtained the messages of doesn't say 'why isn't this person using Tor/dark web' etc; it's specifically about these phones. These guys real deal https://www.vice.com/en_us/article/3aza95/how-police-took-over-encrochat-hacked
My understanding is that they don't trust consumer devices, and put too much faith in another product that they perceive is more secure because of its high cost. https://twitter.com/reagal/status/1278768413779857411
You can follow @josephfcox.