Criminal gangs with fake crypto networks… Trojan Shield Operation

On June 7, law enforcement agencies from 17 countries across Europe, the United States, and Oceania cooperated in a large-scale joint crackdown that led to the arrest of 800 criminals around the world. The crackdown was the culmination of Operation Trojan Shield, an international undercover investigation built around the fake encrypted messaging app An0m.

The European Criminal Police Agency announced on 8 June that more than 700 seizures and searches were carried out in the international joint crackdown and that 800 people were arrested. Authorities also confiscated 8 tons of cocaine, 22 tons of cannabis and hemp resins, 2 tons of synthetic drugs such as amphetamines, 6 tons of synthetic drugs, 55 luxury cars, 250 guns, and cash and crypto assets worth $48 million. The encrypted messaging app used in this crackdown operation was An0m.

An0m, marketed as the world's most secure encrypted messaging app, was sold as a smartphone with the app preinstalled. The price was $1,700 for the device and $1,250 per year for the subscription needed to use the app. Many features had been removed from the smartphone, so it could not access websites or even make phone calls. It also could not be purchased in general stores or shopping malls and could only be obtained through special channels.

An0m's customers were criminal organizations that needed to exchange messages hidden from law enforcement. Opening An0m required a special action on the home screen, and all messages were encrypted, so the app formed a closed-loop system whose members could use it without worrying about interception. In addition, An0m offered criminal organizations a function to delete data if the device was not used for a certain period of time, a function to automatically delete important messages after they were read, and a function to send voice memos with the user's voice disguised.

Although An0m was useful to drug organizations, its operators were actually law enforcement agencies such as the FBI and the Australian Federal Police (AFP). The 19.37 million messages sent from more than 10,000 An0m-equipped devices since its launch in 2018 were all collected by law enforcement agencies and analyzed mainly by AFP. This large undercover investigation was called Operation Trojan Shield, and the analyzed messages ultimately led to the large-scale crackdown on June 7, 2021.

Operation Trojan Shield, joined by law enforcement agencies from 17 countries, was triggered by an investigation into Phantom Secure, a Canadian company that sold smartphones specialized for encrypted communications. Phantom Secure is said to have earned tens of millions of dollars in profits by selling its custom smartphones to the Mexican drug giant Sinaloa Cartel and to international criminal organizations.

Vincent Ramos, CEO of Phantom Secure, was arrested in March 2018 for ignoring reports that the company's products were being used by criminal gangs and continuing to sell them. The FBI offered Ramos a deal: a lighter sentence in exchange for creating a backdoor in the Phantom Secure smartphone that would let the FBI monitor gang activity. Ramos refused. Eventually, the FBI shut down the Phantom Secure servers, and the criminal gangs lost their encryption platform.

The FBI could not penetrate the Phantom Secure network, but the loss of a huge encrypted platform created a gap in the market. Rather than trying to get into an existing encrypted communication network, the FBI and AFP started a project to build their own encrypted network from scratch.

For the project, dubbed Operation Trojan Shield, the FBI selected a former Phantom Secure distributor with whom it had made a judicial deal in 2018. The FBI paid him 180,000 dollars in expenses and salary and had him develop the An0m app and ArcaneOS, the operating system that runs the smartphone. An0m contained a master key, and the master key was secretly attached to every message, allowing law enforcement to decrypt and store the message. In other words, every message sent through An0m effectively had law enforcement in the BCC field.
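The "BCC" effect described above can be modelled as one extra key-wrap entry on each message envelope. The following is an added illustration, not An0m's code: the envelope layout, the toy keystream cipher and the names `alice` and `escrow` are assumptions made for the sketch. It shows that an escrow holder can read a message the visible recipient list does not mention, and how auditing the envelope reveals the extra entry.

```python
import hashlib, hmac, os

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy keystream (HMAC-SHA256 in counter mode); stands in for a real AEAD cipher.
    out, i = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        i += 1
    return out[:n]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal(plaintext: bytes, to: dict, hidden=None) -> dict:
    """Encrypt once under a random message key, then wrap that key per recipient.
    `hidden` models an escrow key the client adds without listing it in 'to'."""
    msg_key, nonce = os.urandom(32), os.urandom(16)
    recipients = {**to, **(hidden or {})}
    wrapped = {kid: _xor(msg_key, _stream(k, nonce, 32)) for kid, k in recipients.items()}
    ct = _xor(plaintext, _stream(msg_key, nonce + b"body", len(plaintext)))
    return {"to": sorted(to), "nonce": nonce, "wrapped": wrapped, "ct": ct}

def open_envelope(env: dict, kid: str, key: bytes) -> bytes:
    # Unwrap the message key with the holder's long-term key, then decrypt the body.
    msg_key = _xor(env["wrapped"][kid], _stream(key, env["nonce"], 32))
    return _xor(env["ct"], _stream(msg_key, env["nonce"] + b"body", len(env["ct"])))

def undeclared_recipients(env: dict) -> set:
    """Audit check: key-wrap entries that the visible recipient list does not explain."""
    return set(env["wrapped"]) - set(env["to"])

# Constructed sample keys and messages (hypothetical key ids).
KEYS = {"alice": os.urandom(32), "escrow": os.urandom(32)}
clean = seal(b"meet at noon", {"alice": KEYS["alice"]})
copied = seal(b"meet at noon", {"alice": KEYS["alice"]}, {"escrow": KEYS["escrow"]})
```

The audit only works for someone who can inspect the envelope. On a closed device running a closed app, as described above, users had no such visibility.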

But Operation Trojan Shield had not only to develop an app for criminal gangs but also to get them to actually use An0m. Therefore, AFP first distributed 50 An0m-equipped devices to three distribution networks in Australia and confirmed that the device was seen as a smartphone fit to be the next-generation Phantom Secure. Once An0m had gained the trust of the gangs that tested it, it expanded its market share through gang word of mouth and influence, just like any other product.

One of the figures who played a key role in the spread of An0m was Australian drug trafficker Hakan Ayik, who is on the Australian wanted list and has fled to Turkey. Ayik, who is known to be involved in $1.5 billion a year in drug smuggling, obtained an An0m-equipped device and recommended it to colleagues, and is said to have unwittingly helped An0m infiltrate criminal gangs.

After its success in Australia, An0m distribution expanded to Spain, Turkey, the Netherlands, Finland, Mexico and Thailand. In the end, it was used by 300 criminal organizations operating in 90 countries around the world, and Germany, Spain and the Netherlands had the same number of An0m users as Australia. This expanded the An0m network and increased the number of messages collected by law enforcement agencies. The analyzed messages also contained murder plots. During Operation Trojan Shield, the AFP adopted a policy of intervening only if someone could be killed. It intervened in 21 cases in the 18 months from the project start to the "Big Bang" on June 7, 2021, but this did not lead to the discovery that An0m messages were leaking to law enforcement agencies.

Then, in March 2021, when Sky Global, an encrypted communication network, was cracked down on, the number of An0m users increased rapidly. To prevent leaks, the Big Bang operation was kept secret even within AFP and was not known to most personnel until a week before it took place. As a result, the Big Bang was successful and criminal organizations around the world were caught.

AFP is said to have been at the center of Operation Trojan Shield mainly because an anti-encryption law was passed in Australia in December 2018, which allowed the government agency to legally collect messages in bulk from An0m users. Meanwhile, the US FBI, which has no equivalent law, is said to have obtained the message cache collected by AFP through a third country and analyzed it using the master key.

Because An0m-equipped devices were sold selectively throughout the operation, it is unlikely that journalists and human rights activists who are not criminals used An0m. However, some point to the possibility that authoritarian governments, which recent reports say have been monitoring many politicians and human rights activists with the smartphone surveillance software Pegasus, will be inspired by An0m to spread fake encrypted messaging apps of their own.



Through the monthly AHC PC and HowPC magazine era, he has watched 'technology age' in online IT media such as ZDNet, electronic newspaper Internet manager, editor of Consumer Journal Ivers, TechHolic publisher, and editor of Venture Square. I am curious about this market that is still full of vitality.
