Frame-14

Privacy Ninja

        • DATA PROTECTION

        • Email Spoofing Prevention
        • Check if your organization email is vulnerable to hackers and put a stop to it. Receive your free test today!
        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • AntiHACK Phone
        • Boost your smartphone’s security with enterprise-level encryption, designed by digital forensics and counterintelligence experts, guaranteeing absolute privacy for you and up to 31 others, plus a guest user, through exclusive access.

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your digital frontiers with our API penetration testing service, meticulously designed to identify and fortify vulnerabilities, ensuring robust protection against cyber threats.

        • Network Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Mobile Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Web Penetration Testing
        • Fortify your web presence with our specialized web penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats.

        • RAPID DIGITALISATION

        • OTHERS

FBI and AFP Created a Fake Encrypted Chat Platform to Catch Criminals

FBI and AFP Created a Fake Encrypted Chat Platform to Catch Criminals

In the “largest and most sophisticated law enforcement operations to date,” a joint international law enforcement created a fake end-to-end encrypted chat platform designed solely to catch criminals.

The FBI and the Australian Federal Police started cooperating three years ago in Operation Ironside (aka Operation Trojan Shield), creating a fake encrypted messaging platform called Anom that was sold exclusively to criminals, allowing law enforcement to listen in on their messages and conversations.

“Since 2019, the US Federal Bureau of Investigation, in close coordination with the Australian Federal Police, strategically developed and covertly operated an encrypted device company, called ANOM, which grew to service more than 12 000 encrypted devices to over 300 criminal syndicates operating in more than 100 countries, including Italian organised crime, outlaw motorcycle gangs, and international drug trafficking organisations,” says a press release by Europol.

After reviewing 27 million messages where criminals discussed their activities on the Anom platform, law enforcement was able to arrest 800 people and seize 8 tons of cocaine, 22 tons of cannabis and cannabis resin, 2 tons of synthetic drugs (amphetamine and methamphetamine), 6 tons of synthetic drugs precursors, 250 firearms, 55 luxury vehicles and over $48 million in various worldwide currencies and cryptocurrencies.

Europol states that the following countries participated in the international coalition: Australia, Austria, Canada, Denmark, Estonia, Finland, Germany, Hungary, Lithuania, New Zealand, the Netherlands, Norway, Sweden, the United Kingdom incl. Scotland, and the United States.

The AFP released the following explainer video to explain how the operation was conducted.

Also Read: Compliance Course Singapore: Spotlight on the 3 Offerings

The Anom platform created to snare criminals

Criminal organizations commonly use hardened encrypted messaging platforms to prevent law enforcement from monitoring their communications. 

In 2018, the FBI arrested the CEO of encrypted messaging platform Phantom Secure for marketing customized communication devices to criminal organizations and aiding them in their illegal activities.

The FBI states that after the arrest, they recruited a Confidential Human Source (CHS) who had previously distributed Phantom Secure and Sky Gobal communication devices and was creating their own “next generation” communications device.

According to court documents filed by the FBI and unsealed yesterday, the CHS agreed to work with the FBI in the hopes of a reduced sentence and helped the FBI and the AFP to create a new encrypted messaging platform called Anom.

The CHS also agreed to market the Anom devices to distributors who are known to work with criminal organizations.

To help promote the devices, the operation created the website Anom.io that included a teaser video illustrating the customized messaging device.

When Anom users sent messages, the device would quietly attach a master key to each message that allows law enforcement to decrypt and view the sent messages.

“Before the devices could be put to use, however, the FBI, AFP, and the CHS built a master key into the existing encryption system which surreptitiously attaches to each message and enables law enforcement to decrypt and store the message as it is transmitted. A user of Anom is unaware of this capability.”

“By design, as part of the Trojan Shield investigation, for devices located outside of the United States, an encrypted “BCC” of the message is routed to an “iBot” server located outside of the United States, where it is decrypted from the CHS’s encryption code then immediately re-encrypted with FBI encryption code.”

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

“The newly encrypted message then passes to a second FBI-owned iBot server, where it is decrypted and its contents available for viewing in the first instance.”

The US Attorney’s Office for the Southern District of California will be live-streaming a press conference at 11 AM EST regarding Operation Trojan Shield.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us