[BreachExchange] EncroChat encrypted communication provider quits after malware attack

Destry Winant destry at riskbasedsecurity.com
Fri Jun 26 10:24:29 EDT 2020


Encrochat encrypted cell phone simplifies the encryption process for
the end-user.

Encrypted communication network EncroChat has announced to shut down
its services after European law enforcement agencies arrested several
individuals using EncroChat for nefarious purposes.

The company sells custom-encrypted mobile phones (sold at £3,500) to
security personnel who want to keep their communications private.

The technology EncroChat uses to facilitate encrypted communication is
legal and was developed primarily to address users’ privacy concerns.
However, authorities identified that given its high degree of security
many organized crime networks had started to use the handsets.

It is worth noting that EncroChat doesn’t allow voice calls but only
text or picture messages. Instead of using mobile networks, it uses a
Wi-Fi signal.

However, according to Motherboard, in a coordinated hacking operation
against EncroChat and its users, European law enforcement agencies
managed to halt the company’s operations for around 30 minutes, and
eventually forced it to permanently shut down its business.

“Due to the level of sophistication of the attack and the malware
code, we can no longer guarantee the security of your device,” the
company said in a statement.

Within a few hours, cops started an extensive search and arrest
operation on both sides of the border. The company notified its users
about the security breach last weekend and requested them to destroy
their handsets.

“We took immediate action on our network by disabling connectivity to
combat the attack. You are advised to power off and physically dispose
of your device immediately,” EncroChat announced.

EncroChat rep stated that their security was breached by a ‘foreign
organization’ that carried out attacks from the UK using an old email
address that was associated with the company for years. However, the
identity of the person using this account is still unclear.

Some of the arrested individuals were presented in a Northern Ireland
court, while many others awaiting their cases to be filed in the
coming weeks.

One of the accused, Galway resident Michael O’Loughlin is facing two
counts of conspiring with others for committing murder,
making/supplying passport for fraudulent purposes, dealing in
firearms, robbery, converting/transferring criminal property, and 11
drug offenses appeared in Newry court on Wednesday.

Cops told the court that evidence against O’Loughlin has been obtained
via “lawfully authorized clearance” to access his encrypted mobile
phone data. However, the accused denied the charges.

The National Crime Agency responded to the news of joint operation
against EncroChat stating that:

 “We are aware of reports relating to law enforcement action taken
against Encrochat, however, we do not routinely confirm or deny the
NCA’s involvement.”

Motherboard also separately obtained screenshots of text messages sent
over the last week of alleged Encrochat users discussing a wave of
arrests associated with the Encrochat takeover.

More information about the BreachExchange mailing list