The waltz of figures is impressive: 6,558 suspects arrested, more than 7,000 years of cumulative imprisonment, 900 million euros seized, not to mention the hundreds of tons of narcotics intercepted and the hundred assassination projects identified. Three years after the unveiling of Operation Encrochat, this high-tech infiltration of a network of encrypted telephones, the French and Dutch judicial authorities, as well as the European agencies Europol and Eurojust, have just presented their first assessment of a case that shows that the police can turn technology to their advantage.
At the table of criminals
This legal hack has indeed allowed investigators, according to the Eurojust press release, to get their hands on more than 115 million criminal conversations between approximately 60,000 users. “We found ourselves at the table of major criminals”, explained Carole Etienne, the prosecutor of Lille, the court which centralized the investigation. The French gendarmerie began investigations in 2017 after spotting the use of these phones and discovering that the company’s servers were based in Roubaix.
“Ultimately, it was possible to place a technical device” allowing the circumvention of encryption and thus “to access the correspondence of users”, specifies Eurojust laconically. More specifically, the expert gendarmes of the Electronic Computing Department (INL) of the Criminal Research Institute of the National Gendarmerie (IRCGN) first carried out reverse engineering work, before setting up the famous technical device, probably developed by the national capture technical service, a structure attached to the DGSI responsible for designing this type of legal Trojan horse.
The New Yorker specifies in an in-depth investigation that the gendarmes had been able to discreetly copy the servers of Encrochat, including the one dedicated to development. The French experts had then succeeded in programming malware, disguised as an update and sent to all users in April 2020. The malware first made it possible to transmit a copy of the stored images and texts to the police, before then allowing read messages in real time.
Sold for a thousand euros
Based on the BQ Aquaris X2s, the Encrochat phones were Android smartphones that lacked cameras, mics, or GPS. They embarked encryption solutions to pass their messages on the servers of the company Encrochat. The phones, sold for around a thousand euros each, also had a specific PIN code to delete all stored data on the fly, and a dual boot system to start on a more classic Android version.
As noted by the Seriously Risky Business newsletter, this kind of judicial operation – then followed by the dismantling of, for example, SkyECC or Excluded, for example – dealt a severe blow to the “Crimephone” model. In the end, the development of these so-called secure smartphones dedicated to criminals indeed seems to be a boon for the police all over the world, by allowing them to have a better knowledge of criminal networks.