Dutch police admit accessing criminal chats by intercepting encryption server 

Police in the Netherlands have revealed they were able to intercept and read more than 250,000 encrypted messages sent by members of various criminal gangs after gaining control of a key server used by a company that allegedly offered to provide individuals with secure communications to help carry out illegal acts.  

Nov 13, 2018
By Tony Thompson

Officers were forced to reveal what they had done earlier this week after users of the service began to suspect one another of providing information to the authorities after a number of individuals were arrested.  

According to senior figures in the Dutch police, the operation began after an investigation into a money laundering scheme led to the discovery that the gang members were using “cryptophones” manufactured by a company called BlackBox.  

The devices, known as IronPhones, look like regular smartphones but have greatly reduced functionality; they can only send and receive messages and images, and only with other cryptophones using an end-to-end encryption service known as IronChat. The devices are fitted with a panic button which instantly deletes all the information on the handset. Subscriptions for the service cost more than £2500 each year.  

Officers did not manage to break the actual encryption protocols, but rather, were able to compromise the implementation of encryption by seizing the BlackBox server that routed the messages which contained the keys required to encrypt the content. 

“We had sufficient evidence that these phones were used among criminals,” said a Dutch police spokesperson. “We have succeeded in intercepting encrypted communication messages between these phones, decrypting them and having them live for some time. This has not only given us a unique insight into existing criminal networks; we have also been able to intercept drugs, weapons and money.” 

The investigation has already allowed the authorities to raid a drugs lab and make 14 arrests, including a 46-year-old man who is suspected of running the cryptophone company. Around £80,000 in cash has been seized along with automatic weapons and drugs, including large amounts of MDMA and cocaine.  

“This operation has given us a unique glimpse into a criminal world in which criminal acts were openly discussed,” said Aart Garssen, head of the Regional Investigation Service in the Eastern Netherlands. 

Mr Garssen said police had decided to reveal their operation to forestall violence, after BlackBox users started to voice suspicions about each other – which police learned about thanks to monitoring the IronChat message traffic – following a series of arrests. 

“They suspected each other of leaking information to the police,” said Mr Garssen. “This mistrust among the users of the phones toward each other can lead to reprisals. Now, we’re making it clear that the police intervened by using intercepted communications.” 

The BlackBox IronPhone takedown is not the first time that police have taken action against a cryptophone service with alleged criminal ties. In March, the US Department of Justice charged five individuals with running a secure smartphone service called Phantom Secure that was designed and marketed to help criminals evade law enforcement agencies.  

Authorities charged the men with providing the phones to individuals who used them to ship cocaine and MDMA from the US to Australia and Canada. Six-month subscriptions for the devices cost around £2,000 and the FBI said users of the service included a known member of Mexico’s Sinaloa Cartel. 

 

Related News

Copyright © 2019 Police Professional