Saturday, November 23, 2024

Police Arrest Suspects Following Breach of Ghost Encrypted Communications App

Authorities have made several arrests following a worldwide police operation targeting an Australian encrypted communications platform believed to be utilized by organized crime groups.

In Australia, over 700 officers took part in raids and searches as a result of an international investigation into the Ghost encrypted messaging service. Additional police operations were conducted in Ireland, Italy, Sweden, and Canada. This crackdown is part of ongoing efforts to take down encrypted messaging services, known as criminally dedicated communications services (CDCS), which are often favored by criminal organizations. The operation follows earlier initiatives aimed at infiltrating EncroChat and Sky ECC networks in 2020, as well as the FBI-led Anom operation, which was active until 2021.

Law enforcement from Australia, Canada, France, Iceland, Ireland, Italy, the Netherlands, Sweden, and the U.S. collaborated in the investigation of Ghost’s criminal users. The Australian Federal Police (AFP) launched a major initiative, codenamed Kraken, across New South Wales, Victoria, Western Australia, and South Australia, focusing on individuals using Ghost. According to the AFP, “Operation Kraken targets alleged organized criminals using a covert platform to import illegal drugs and plan serious crimes on a global scale.”

In a key development, Australian police apprehended a 32-year-old suspect in New South Wales, identified as the creator and administrator of Ghost. Allegations against him suggest that the platform facilitated drug trafficking, money laundering, and orchestrating serious acts of violence.

Users of Ghost reportedly paid around A$2350 for handsets, which included a six-month subscription along with technical support from a network of resellers. Ghost advertised itself as a provider of encrypted voice calls and messaging through “military grade encryption.” The application featured a “duress password” designed to erase sensitive communications, alongside functions to remotely wipe data if the device was lost or stolen. It also offered self-destructing group chats, a “purge function” to delete chat history, and anonymous group interactions. The developers claimed that Ghost employed a unique secure operating system integrating advanced encryption technologies such as PGP and elliptic curve cryptography.

Authorities have charged the 32-year-old administrator with five offenses, including supporting a criminal organization and dealing with the proceeds of crime. The AFP has secured restraining orders against suspected illegal assets, including cryptocurrencies and bank accounts. So far, Australian police have executed 71 search warrants, made 38 arrests, seized 25 firearms, and disrupted the distribution of over 200 kg of illicit drugs.

Ghost has been operational for nine years and came under scrutiny from international law enforcement agencies in 2022. Europol established a global task force, known as Operational Task Force (OTF) Next, led by the FBI and the French Gendarmerie.

The AFP, with technical assistance from French specialists, was able to compromise Ghost devices by hacking into the administration systems and installing infected software updates. This operation enabled them to access encrypted communications and identify criminal users. It is believed that criminals migrated to Ghost after the dismantling of the Anom app, an FBI sting operation that concluded in June 2021. AFP Deputy Commissioner Ian McCartney noted that Operation Kraken has helped law enforcement identify and avert 50 potential life-threatening situations.

Catherine De Bolle, the executive director of Europol, emphasized the successful collaboration among law enforcement from nine countries, stating that they have dismantled a vital tool for serious organized crime. Florian Manet, head of France’s National Cyber Command Technical Department, added that their unit provided essential technical resources for the task force, enabling access to communications on the secure platform. Other members of Europol’s task force included agencies from Canada, Sweden, the Netherlands, Ireland, and Italy, with additional support from Icelandic police.