The Washington PostDemocracy Dies in Darkness

FBI-controlled Anom app ensnares scores of alleged criminals in global police sting

Australian Federal Police Commissioner Reece Kershaw speaks as Prime Minister Scott Morrison looks on during a news briefing about the global police operation in Sydney on Tuesday. (Dean Lewins/Reuters)

SYDNEY — The alleged drug syndicates, contract killers and weapons dealers thought they were using high-priced, securely encrypted phones that would protect them as they openly discussed drug deals by text message and swapped photos of cocaine-packed pineapples. What they were really doing, investigators revealed Tuesday, was channeling their plots straight into the hands of U.S. intelligence agents.

An international coalition of law enforcement officials announced they had ensnared alleged criminals around the world after duping them into using phones loaded with an encrypted messaging app controlled by the FBI.

The audacious effort — led by the FBI, Australian police and a host of European law enforcement agencies — gave the officials a window into the conversations of criminal networks, as people planned illegal drug shipments, plotted robberies and put out contracts for killings.

From fake weddings to free flights, elaborate sting operations have ensnared suspects around the world

U.S. and Australian police created an app used by criminals to read millions of encrypted messages leading to hundreds of arrests, officials said on June 8. (Video: Reuters)

Law enforcement officials — some of whom Tuesday could barely contain their glee — announced they had arrested more than 800 people and gained an unprecedented understanding into the functioning of modern criminal networks that would keep fueling investigations long past the coordinated international raids that took place in recent days.

The effort was “one of the largest and most sophisticated law enforcement operations to date in the fight against encrypted criminal activities,” Jean-Philippe Lecouffe, the deputy executive director for operations of Europol, the agency that coordinates police activity among the 27 European Union countries, said in a news conference in The Hague.

How America’s surveillance networks helped the FBI catch the Capitol mob

For nearly three years, law enforcement officials have been virtually sitting in the back pocket of some of the world’s top alleged crime figures. Custom cellphones, bought on the black market and installed with the FBI-controlled platform, called Anom, circulated and grew in popularity among criminals as high-profile crime entities vouched for its integrity.

The FBI in the past has dismantled encrypted platforms used by criminals to communicate, and infiltrated others. This time, it decided to market an encrypted app of its own to target organized crime, drug trafficking and money laundering activities across the globe. The FBI effort was aided by a paid collaborator who had previously marketed other encrypted devices to members of the global criminal underworld.

A breakthrough came after Australian police met with the FBI in 2018 over a couple of beers, according to officials. The Australians then built a technical capability to access, decrypt and read communications on the FBI’s platform.

The users believed their Anom devices were secured by encryption. They were — but every message was also fed directly to law enforcement agents.

“Essentially, they have handcuffed each other by endorsing and trusting Anom and openly communicating on it — not knowing we were watching the entire time,” Australian Federal Police Commissioner Reece Kershaw said.

What is Anom, and how did law enforcement use it to arrests hundreds in a global sting?

Authorities on June 8 announced that they had ensnared hundreds of alleged criminals using an encrypted messaging app, AN0M, controlled by the FBI. (Video: The Washington Post, Photo: Mike Blake/Reuters/The Washington Post)

The global operation, known as Special Operation Ironside in Australia and Trojan Shield in the United States and Europe, has allegedly exposed criminals linked to South American drug cartels, triad groups in Asia and criminal syndicates based in the Middle East and Europe. A total of 17 countries took part in the effort.

Officials said raids in those countries in recent days had impounded more than eight tons of cocaine, 22 tons of marijuana and hashish, two tons of methamphetamine and amphetamine, 250 firearms, 55 luxury vehicles and more than $48 million in cash and cryptocurrencies.

The operation has “struck a heavy blow against organized crime,” Australia’s Prime Minister Scott Morrison said, “not just in this country but one that will echo around organized crime around the world.”

More than 9,000 law enforcement officers were involved, sifting through 27 million messages that were sent via the app over the 18 months of the operation. The alleged criminals used the app like an illicit WhatsApp or text message system, communicating in 45 languages to trade details of their activities, officials said. The countries with the most users were Germany, the Netherlands, Spain, Australia and Serbia, according to an FBI filing in a federal court that was unsealed late Monday.

“To give you an idea of the magnitude of our penetration, we were able to actually see photographs of hundreds of tons of cocaine that were concealed in shipments of fruit. We were able to see hundreds of kilos of cocaine that were concealed in canned goods,” Calvin Shivers, assistant director from FBI’s Criminal Investigative Division, told reporters in The Hague. “The results are staggering.”

From fake weddings to free flights, elaborate sting operations have ensnared suspects around the world

Demand for the devices soared as law enforcement officials shut down older, rival encrypted networks, including one called EncroChat that was dismantled in July 2020 and another, Sky Global, that was targeted in March. Before March, there were about 3,000 users of the FBI-penetrated devices. Afterward, the clientele nearly tripled, the FBI court filing said.

The operation was revealed Tuesday in part because a warrant in a third country to forward messages to U.S. authorities expired June 7, the filing said. Acting U.S. attorney in San Diego Randy Grossman announced Tuesday that his office had charged 17 foreign nationals with distributing thousands of encrypted communication devices to criminal syndicates. Eight of them, he said, had been arrested. The rest are considered fugitives.

“The supreme irony here is that the very devices that these criminals were using to hide from law enforcement were actually beacons for law enforcement,” Grossman said in a statement. “We aim to shatter any confidence in the hardened encrypted device industry with our indictment and announcement that this platform was run by the FBI.”

Users typically pay between $1,500 and $2,000 for a six-month service plan for such devices, and are typically able to gain access only by being greenlighted by a current user, the filing said, a step that builds user trust. At a news conference to announce the operation, U.S. officials said that while the encryption technology has benefits, the operation shows how it can be exploited by nefarious actors.

“Encryption also allows the criminals to operate in the same safe, secure environment, hiding their communications in a cloak of secrecy,” said Suzanne Turner, the special agent in charge of the FBI in San Diego.

Global law enforcement officials got lucky with Anom early on, after an alleged member of the Australian criminal underworld, Hakan Ayik, one of the country’s most-wanted criminals, praised the devices to his associates and encouraged their uptake.

“He was one of the coordinators of this particular device. So he’s essentially set up his own colleagues,” Kershaw, the Australian police commissioner, told reporters Tuesday, saying that he should turn himself in, “given the threat that he faces.”

Officials described a wide-ranging, disruptive effort that they hoped would deliver a serious setback to criminal networks in their countries. The U.S. court filing offered details of the interactions authorities witnessed on the app: intricate haggling over the costs of distributing drugs, photos of the ways drugs were hidden, friendly interactions between alleged criminals.

“There is 2 kg put inside french diplomatic sealed envelopes” out of Bogotá, Colombia, one user wrote in March 2020. “'Only issue is that COL takes 50/4 Partners including yourself will need to split other 50.”

The filing explained that Colombian distributors would take 50 percent of the profits from the cocaine shipments hidden in the diplomatic pouch, while four other people split the rest.

In Australia, police used information as the operation was underway to seize 3.7 tons of drugs, 104 weapons and some $35 million in cash. During that time, the alleged criminals had no idea why their drugs were being seized and their plots foiled, police said.

Police said they disrupted a number of possible homicides, including one plot involving plans to shoot a family of five at a cafe.

In Sweden, which has struggled with drug networks in recent years, a top official said authorities had “performed one of the most important strikes ever” against violent crime and drug networks.

The official, Linda Staaf, head of intelligence for the Swedish Police Authority, said that in recent days, 70 people had been arrested, “many of them persons with essential roles and heavy influence on the drug market: those who instigate murders and violence by shootings and explosions right in the middle of Swedish society.” U.S. authorities said that among those arrested were six corrupt law enforcement officers.

A top Dutch police official reveled in what she said was the app’s success.

“It has a good reputation among criminals. They mutually promote it as the platform you should use for its absolute reliability,” said Jannine van den Berg, chief commissioner of the national unit of the Dutch police. “But nothing was further from the truth.”

Birnbaum reported from Riga, Latvia. Matt Zapotosky in Washington contributed to this report.

Read more:

How America’s surveillance networks helped the FBI catch the Capitol mob

Massive camera hack exposes the growing reach and intimacy of American surveillance

More U.S. citizens apprehended for moving drugs over border