How the FBI cracked a global crime ring by selling them compromised phones

feedproxy.google.com
4 min read
fairly difficult
Australian and US law enforcement officials on Tuesday announced they'd sprung a trap three years in the making, catching major international crime figures using an encrypted app. More ...
An independent news and commentary website produced by academics and journalists. An independent news and commentary website produced by academics and journalists.

than 200 underworld figures in Australia have been charged in what Australian Federal Police (AFP) say is their biggest-ever organised crime bust.

The operation, led by the US Federal Bureau of Investigations (FBI), spanned Australia and 17 other countries. In Australia alone, more than 4,000 police officers were involved.

At the heart of the sting, dubbed Operation Ironside, was a type of "trojan horse" malware called AN0M, which was secretly incorporated into a messaging app. After criminals used the encrypted app, police decrypted their messages, which included plots to kill, mass drug trafficking and gun distribution.

Millions of messages unscrambled

AFP Commissioner Reece Kershaw said the idea for AN0M emerged from informal discussions "over a few beers" between the AFP and FBI in 2018.

Platform developers had worked on the AN0M app, along with modified mobile devices, before law enforcement acquired it legally and adapted it for their use. The AFP say the developers weren't aware of the intended use.

Once appropriated by law enforcement, AN0M was reportedly programmed with a secret "back door", enabling them to access and decrypt messages in real time.

A "back door" is a software agent that circumvents normal access authentication. It allows remote access to private information in an application, without the "owner" of the information being aware.

So the users — in this case the crime figures — believed communication conducted via the app and smartphones was secure. Meanwhile, law enforcement could reportedly unscramble up to 25 million encrypted messages simultaneously.

But without this back door, strongly encrypted messages would be almost impossible to decrypt. That's because decryption generally requires a computer to run through trillions of possibilities before hitting on the right…
The Conversation
Read full article