Phone app sting blows lid on organised crime

Jakarta — It took $100,000 plus expenses, and the opportunity for a reduced prison sentence, for the developer of the Phantom Secure smartphone to collaborate with the FBI in 2018 and kick-start Operation Trojan Horse, which laid bare the extent of global organised crime.

Three years later, the investigation involving 9,000 law enforcement officers from 17 countries resulted in authorities monitoring 27 million messages from 12,000 devices in 100 countries and tracking the activities of more than 300 organised crime groups, according to Europol, the EU’s law enforcement agency.

To date, there have been more than 800 arrests with more than eight tonnes of cocaine, 22 tonnes of cannabis, two tonnes of synthetic drugs, 250 guns, 55 luxury vehicles and more than $48m in cash and cryptocurrencies seized, Europol said.

More arrests and seizures are expected, it said.

A US court document — an affidavit from an FBI special agent first published by Vice News — says the “confidential human source”, a former drug trafficker, had been creating a new encrypted smartphone with a bespoke app known as ANOM.

The source agreed to co-operate after authorities dismantled the Phantom Secure network and arrested its CEO in 2018.

For at least a decade, organised crime groups have used phones such as Phantom Secure to organise drug deals, hits on rivals and launder illicit earnings without detection, police say. Among many of the phones’ features, content can be wiped remotely if they are seized.

And as one model was put out of business, new ones would enter the lucrative market. The FBI then decided it would launch its own device, inserting a master key into the ANOM app that attached to each message and enabled officers to decrypt and store them as they were transmitted.

‘Couple of beers’

In 2018, Australian police and analysts met with the FBI. “As you know, some of the best ideas come over a couple of beers,” said Australian Federal Police (AFP) commissioner, Reece Kershaw.

Prodded by authorities, the developer-turned-informant tapped his trusted distributors, who targeted the Australian market. The authorities settled on a soft launch in October that year and the developer gave the distributors 50 devices to sell. Seeing a “huge payday”, they agreed according to the affidavit.

As the AFP monitored the messages and photos shared on the devices, “100% of ANOM users in the test phase used ANOM to engage in criminal activity”, according to the affidavit. Business grew by word of mouth. Soon, overseas criminals were flocking to use the ANOM phone.

Besides hundreds of arrests and seizing tonnes of drugs, Australian authorities also foiled 21 murder plots, including a mass killing, thanks to ANOM.

But, due to “technological issues”, the FBI could not directly monitor the phones in Australia. However, a court order in late 2019, issued by an unspecified country where a server for the phones was located, gave the agency greater and faster access to their content.

The FBI and other countries’ law officers discovered that Italian organised crime groups, Asian triads, biker gangs and transnational drug syndicates used the app.

The FBI agent’s affidavit, and the AFP’s Kershaw, said criminals often used the phones without code words and frequently shared photos of drug consignments and details of how they would be transported.

Among the images contained in the affidavit were mounds of illicit drugs and a diplomatic pouch identified in the court document as French and allegedly used to transport cocaine from Colombia.

There was also evidence of corrupt government officials and police officers. Crime groups were being “notified of anticipated enforcement actions”, according to the affidavit.

“The review of ANOM messages has initiated numerous high-level public corruption cases in several countries.”

ANOM's popularity surged after raids in March that targeted users of another encrypted phone, Sky ECC, with active users rising to 9,000 from 3,000 in a matter of months, according  to the affidavit.

But the expiry of the unspecified country’s court order on Monday signalled the end of the phones’ source of criminal intelligence. In a series of news conferences across the world the next day, Operation Trojan Horse was revealed.

Reuters