Feds Secretly Ran a Fake Encrypted Chat App and Busted Over 800 Criminals

In a massive sting operation, the U.S. Federal Bureau of Investigation (FBI) and Australian Federal Law enforcement (AFP) ran an “encrypted chat” service identified as ANoM for nearly 3 a long time to intercept 27 million messages amongst prison gang customers globally.

Dubbed Procedure Ironside (AFP), Procedure Greenlight (Europol), and Operation Trojan Defend (FBI), the extended-term covert probe into transnational and significant arranged crime culminated in the arrests of 224 offenders on 526 charges in Australia, with 55 luxurious automobiles, 8 tons of cocaine, 22 tons of hashish and hashish resin, 250 firearms, and extra than $48 million in a variety of currencies and cryptocurrencies seized in raids all-around the planet.

A total of far more than 800 arrests have been described across 18 countries, which include New Zealand, Germany, and Sweden. Europol termed it the “largest ever legislation enforcement operation versus encrypted conversation.”

Stack Overflow Teams

The communications allegedly associated plots to kill, mass drug trafficking, and gun distribution, according to the AFP. Accessibility to these encrypted messages was gained lawfully by means of working with the Telecommunications and Other Legislation Amendment (Support and Entry) Act 2018, the agency added.


“For almost a few yrs, the AFP and the FBI have monitored criminals’ encrypted communications over a Devoted Encrypted Communications System,” AFP claimed. “The AFP crafted a capability that authorized regulation enforcement to obtain, decrypt and study communications on the system. The AFP and FBI had been capable to seize all the facts sent involving equipment employing the system.”

The encryption barriers had been surmounted by inserting a master essential into ANoM’s encryption process that was stealthily connected to just about every information, consequently enabling the legislation enforcement to execute a male-in-the-center (MitM) plan to decrypt and retrieve the messages as they have been transmitted. For products found exterior of the U.S., an encrypted “BCC” duplicate of the messages was forwarded to a server exterior of the U.S., from in which it was forwarded to a next FBI-owned server for subsequent decryption.


ANoM (aka Anøm) is mentioned to have been deliberately produced to fill the vacuum left by Phantom Safe, one more encrypted cell phone support dismantled by the FBI in 2018, thereby making it possible for the businesses to keep an eye on the discussions with out the criminals’ information. In a transfer echoing the latter, criminals desired to be component of a closed community to get keep of a phone on which ANoM arrived preinstalled, although the products by themselves were being stripped of all other functionality.

Prevent Ransomware Attacks

Among some of the functions of the app provided —

  • Deliver encrypted text and voice messages
  • Make protected voice phone calls
  • Share shots, video clips, animated GIFs, places, drawings and much more.
  • Send data files of any form

In addition, cellular phone proprietors can also verify their contacts via a QR code, produce distribution lists, and chat entirely anonymously without having even demanding a cellphone amount, according to a listing from the now taken down anom.io web page.


Operation Ironside follows identical regulation enforcement actions that involved infiltrating encrypted chat platform EncroChat to check tens of millions of encrypted messages despatched by structured criminal offense networks by means of the system. Earlier this calendar year, a coordinated training below the identify “Procedure Argus” staged major interventions against Sky ECC, main to almost 275 raids and the arrest of 91 suspects, in addition to seizing 17 tonnes of cocaine and €1.2 million.

The FBI utilized a private human source, who experienced previously marketed phones from both Phantom Safe and Sky Global to felony businesses and had “invested a sizeable volume of revenue into the progress of a new hardened encrypted device” (i.e., ANoM), to distribute the gadgets to legal networks.

“The devices organically circulated and grew in popularity amongst criminals, who had been self-assured of the legitimacy of the app simply because superior-profile organised criminal offense figures vouched for its integrity,” the AFP explained. By May 2021, the phones, which were procured from the black marketplace, experienced elevated to 11,800 in range, of which about 9,000 are in active use, spanning more than 300 legal syndicates working in extra than 100 countries.

The top rated 5 international locations wherever Anom units are at the moment used are Germany, the Netherlands, Spain, Australia, and Serbia, unsealed court docket files show, with its user foundation owning grown considerably in the aftermath of Sky ECC’s disruption.

“Just after the takedown of Sky ECC in March 2021, several organised criminal offense networks sought a brief encrypted alternative for a communication platform that would let them to evade law enforcement detection,” Europol said. “This was a deliberate and strategic part of OTF Greenlight / Procedure Trojan Defend resulting in the migration of some of the legal Sky ECC client base to the FBI-managed platform ANoM.”

The international coalition that participated in the joint procedure consisted of Australia, Austria, Canada, Denmark, Estonia, Finland, Germany, Hungary, Lithuania, New Zealand, the Netherlands, Norway, Sweden, the U.K. (like Scotland), and the U.S.

“A target of the Trojan Protect investigation is to shake the self-assurance in this complete field due to the fact the FBI is inclined and equipped to enter this space and watch messages,” for every the courtroom paperwork.

Fibo Quantum