Criminals arrested after trusting encrypted chat app cracked by police

Police in the Netherlands and Belgium have made hundreds of raids, and arrested at least 80 people, after cracking into an encrypted phone network used by organised criminals.

In a press release, Europol said that crime-fighting authorities in France, Belgium and the Netherlands had not only arrested a large number of suspected criminals, but also shut down the SKY ECC communication platform.

According to Europol, authorities have been able to monitor “the information flow of approximately 70,000 users of SKY ECC” since mid-February, “unlocking the encryption” to gain insight into organised criminal activities in Europe and beyond.

It is said that around three million messages are exchanged via SKY ECC every day, with over 20% of users are based in Belgium and the Netherlands. Many users migrated to Sky ECC when the similar EncroChat encrypted platform was dismantled by authorities last year.

However, it may be a little premature to say that SKY ECC has been similarly brought to its knees.

In fact, in a blog post, SKY ECC says that its platform remains secure and – contrary to Europol’s claims – “no authorized SKY ECC device has been hacked.”

So what’s going on?

SKY ECC says that the clue lies in a press release issued by the Dutch police, which shows a police officer holding an encrypted SKY ECC phone.

Zooming in on the picture reveals that the encrypted app running on the police officer’s smartphone declares itself as being from “skyecc.eu” – not the skyecc.com domain used by the official app.

SKY ECC argues that the app being used by the police officer, and by implication the one cracked by police in Europe, is not theirs – but instead an unauthorised fake app:

“SKY ECC authorized distributors in Belgium and the Netherlands brought to our attention that a fake phishing application falsely branded as SKY ECC was illegally created, modified and side-loaded onto unsecure devices, and security features of authorized SKY ECC phones were eliminated in these bogus devices which were then sold through unauthorized channels.”

In short, if Sky ECC’s claims are correct – those criminals who have had their communications exposed to the authorities, and have now been arrested, were themselves duped into trusting a bogus unsecure chat app.

SKY ECC offers a US $5,000,000 reward to anyone who can beat crack the security of its devices and encryption.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

The post ” Criminals arrested after trusting encrypted chat app cracked by police” appeared first on TripWire

Source:TripWire – Graham Cluley