FBI has revealed how it used the stealthy encrypted chat program AN0M to trick the cybercriminals underworld. As a result, hundreds of people were arrested, 32 tons of drugs, 250 firearms, 55 luxury cars, more than $148 million, and even cocaine-filled pineapples.

In an operation called Operation Ironside (AFP) / Trojan Shield (FBI, Interpol), law enforcement agencies raided homes and arrested thousands of suspected members of various criminal groups.

According to the report, the Federal Bureau of Investigation (FBI), Dutch National Police (Politie), Swedish police department (polisen), US Drug Enforcement Administration(DEA), and police from 16 other countries are exported with the support of Europol.Cooperation against criminal activity around the world. Around 12,000 smartphones with AN0M installed have been sold to organized crime networks. The device is marketed as a purely encrypted messaging tool, no GPS, no email or web browser, no voice calls, no camera or microphone. “Criminals designed it only for criminals,” said Randy Grossman, assistant attorney general for Southern California.

“Since 2019, the US Federal Bureau of Investigation, in close coordination with the Australian Federal Police, strategically developed and covertly operated an encrypted device company, called ANOM, which grew to service more than 12 000 encrypted devices to over 300 criminal syndicates operating in more than 100 countries, including Italian organized crime, outlaw motorcycle gangs, and international drug trafficking organizations.” reads the press release published by the EUROPOL.

At today's press conference, Australian police confirmed that Trojan Shield was launched in 2018 after the FBI took over Phantom Secure's encrypted chat platform.

The US and Australian authorities then joined forces to launch their communication service, Anom aka AN0M. It is an encrypted chat platform that secret agents of the FBI have secretly infiltrated. Since encrypted traffic sends your phone number through the central An0m platform, security devices do not use your phone number to communicate. The criminals use secure smartphones configured to use only the An0m app, which can only communicate with colleagues with the same settings. It is promoted in the underworld through the Darkweb and many cybercrime forums at anom.io.

"*The FBI opened a new covert investigation, Operation Trojan Shield, which centered on exploiting Anom by inserting it into criminal networks and working with international partners, including the Australian Federal Police (“AFP”), to monitor the communications. Before the device could be put to use, however, the FBI, AFP, and the CHS built a master key into the existing encryption system, which surreptitiously attaches to each message and enables law enforcement to decrypt and store the message as it is transmitted. A user of Anom is unaware of this capability.” reads court documents describing the process implemented by the police to tamper into the communications...

“By design, as part of the Trojan Shield investigation, for devices located outside of the United States,5 an encrypted “BCC” of the message is routed to an “iBot” server located outside of the United States, where it is decrypted from the CHS’s encryption code and then immediately re-encrypted with FBI encryption code. The newly encrypted message then passes to a second FBI-owned iBot server, where it is decrypted, and its content available for viewing in th first instance”*

Australian police analyzed the majority of the intercepted messages collected as an integral part of Operation Trojan Shield. The information collected is passed on to various law enforcement agencies around the globe to help coordinate operations. In the past, law enforcement has also invaded communities behind other crypto communication platforms, EncroChat, Sky ECC, etc.

“This operation is an unprecedented success by the authorities in the United States, Sweden, the Netherlands, Australia, New Zealand, and the other European members of the Operational Task Force. Europol coordinated the international law enforcement community, enriched the information picture, and brought criminal intelligence into ongoing operations to target organized crime and drug trafficking organizations, wherever they are and however they choose to communicate. I am delighted to see Europol supporting this operation and strengthen law enforcement partnerships by emphasizing the multi-agency aspect of the case.” said Europol’s Deputy Executive Director Jean-Philippe Lecouffe.

“Encrypted criminal communications platforms have traditionally been a tool to evade law enforcement and facilitate transnational organized crime. The FBI and our international partners continue to push the envelope and develop innovative ways to overcome these challenges and bring criminals to justice,” said the FBI’s Criminal Investigative Division Assistant Director Calvin A. Shivers. “We are grateful to Europol for their commitment to fighting transnational organized crime and their partnership with the FBI.,” said Calvin Shivers, Assistant Director, Criminal Investigative Division, US Federal Bureau of Investigation.

• Australian cops, FBI created backdoored chat app, told crims it was secure – then snooped on 9,000 users' plots

• Belgian police seize 28 tons of cocaine after 'cracking' Sky ECC's chat app encryption

• US govt indicted me because I make privacy tools, says crypto-chat app CEO accused of helping drug smugglers

• Blessed are the cryptographers, labeling them criminal enablers is just foolish

While the government has prolongedly opposed applications and services that provide encrypted communications, except for Anom, allowing law enforcement to intercept messages, ironically, the situation did not go unnoticed by the Order and demonstrated its merits.

"Operation Ironside began almost three years ago and is the Australian component of a long-term, international, covert investigation. The FBI and AFP targeted the dedicated encrypted communications platform, which was used exclusively by organized crime," the AFP said in an announcement. "After working in close partnership on Operation Safe Cracking to take down the encrypted platform provider Phantom Secure, the AFP and FBI worked together to fill the vacuum."