An international coalition of law enforcement officials announced they had ensnared alleged criminals around the world after duping them into using phones loaded with an encrypted messaging app controlled by the FBI.
The audacious effort — led by the FBI, Australian police, and a host of European law enforcement agencies — gave the officials a window into the conversations of criminal networks, as people planned illegal drug shipments, plotted robberies, and put out contracts for killings.
Law enforcement officials — some of whom Tuesday could barely contain their glee — announced they had arrested more than 800 people and gained an unprecedented understanding into the functioning of modern criminal networks that would keep fueling investigations long past the coordinated international raids that took place in recent days.
The effort was “one of the largest and most sophisticated law enforcement operations to date in the fight against encrypted criminal activities,” Jean-Philippe Lecouffe, the deputy executive director for operations of Europol, the agency that coordinates police activity among the 27 European Union countries, said in a news conference in The Hague.
For nearly three years, law enforcement officials have been virtually sitting in the back pocket of some of the world’s top alleged crime figures. Custom cellphones, bought on the black market and installed with the FBI-controlled platform, called Anom, circulated and grew in popularity among criminals as high-profile crime entities vouched for its integrity.
The FBI in the past has dismantled encrypted platforms used by criminals to communicate and infiltrated others. This time, it decided to market an encrypted app of its own to target organized crime, drug trafficking, and money laundering activities across the globe. The FBI effort was aided by a paid collaborator who had previously marketed other encrypted devices to members of the global criminal underworld.
A breakthrough came after Australian police met with the FBI in 2018 over a couple of beers, according to officials. The Australians then built a technical capability to access, decrypt and read communications on the FBI’s platform.
The users believed their Anom devices were secured by encryption. They were — but every message was also fed directly to law enforcement agents.
“Essentially, they have handcuffed each other by endorsing and trusting Anom and openly communicating on it — not knowing we were watching the entire time,” Australian Federal Police Commissioner Reece Kershaw said.
The global operation, known as Special Operation Ironside in Australia and Trojan Shield in the United States and Europe, has allegedly exposed criminals linked to South American drug cartels, triad groups in Asia and criminal syndicates based in the Middle East and Europe. A total of 17 countries took part in the effort.
Officials said raids in those countries in recent days had impounded more than eight tons of cocaine, 22 tons of marijuana and hashish, two tons of methamphetamine and amphetamine, 250 firearms, 55 luxury vehicles and more than $48 million in cash and cryptocurrencies.
The operation has “struck a heavy blow against organized crime,” Australia’s Prime Minister Scott Morrison said, “not just in this country but one that will echo around organized crime around the world.”
More than 9,000 law enforcement officers were involved, sifting through 27 million messages that were sent via the app over the 18 months of the operation. The alleged criminals used the app like an illicit WhatsApp or text message system, communicating in 45 languages to trade details of their activities, officials said. The countries with the most users were Germany, the Netherlands, Spain, Australia and Serbia, according to an FBI filing in a federal court that was unsealed late Monday.
“To give you an idea of the magnitude of our penetration, we were able to actually see photographs of hundreds of tons of cocaine that were concealed in shipments of fruit. We were able to see hundreds of kilos of cocaine that were concealed in canned goods,” Calvin Shivers, assistant director from FBI’s Criminal Investigative Division, told reporters in The Hague. “The results are staggering.”
Demand for the devices soared as law enforcement officials shut down older, rival encrypted networks, including one called EncroChat that was dismantled in July 2020 and another, Sky Global, that was targeted in March. Before March, there were about 3,000 users of the FBI-penetrated devices. Afterward, the clientele nearly tripled, the FBI court filing said.
The operation was revealed Tuesday in part because a warrant in a third country to forward messages to U.S. authorities expired June 7, the filing said. Acting U.S. attorney in San Diego Randy Grossman announced Tuesday that his office had charged 17 foreign nationals with distributing thousands of encrypted communication devices to criminal syndicates. Eight of them, he said, had been arrested. The rest are considered fugitives.
“The supreme irony here is that the very devices that these criminals were using to hide from law enforcement were actually beacons for law enforcement,” Grossman said in a statement. “We aim to shatter any confidence in the hardened encrypted device industry with our indictment and announcement that this platform was run by the FBI.”
Users typically pay between $1,500 and $2,000 for a six-month service plan for such devices, and are typically able to gain access only by being greenlighted by a current user, the filing said, a step that builds user trust. At a news conference to announce the operation, U.S. officials said that while the encryption technology has benefits, the operation shows how it can be exploited by nefarious actors.
“Encryption also allows the criminals to operate in the same safe, secure environment, hiding their communications in a cloak of secrecy,” said Suzanne Turner, the special agent in charge of the FBI in San Diego.