Episode 32: How to Hack End-to-End Encryption

The story of how police cracked the encryption of the EncroChat phone is not only important to criminals who used these devices, but also an interesting case study of how such systems are attacked in practice.

On this episode of The Private Citizen, I examine the EncroChat investigation and what it means for everyday people who use encryption to communicate privately. For everyone using end-to-end encryption, it is important to understand how these systems can be attacked and also what happens if your private communication is swept up in such a police investigation.

How Police Defeated the Encrypted EncroChat Phone

At the beginning of last month, Vice broke the story how a coordinated police operation in Europe defeated the protections of an end-to-end encrypted phone used by a lot of organised crime networks.

French police gained access to the backend servers and installed “a technical tool”. They then quietly read everyone’s messages for months and shared them with investigators all over Europe.

On Encrochat, criminals spoke openly and negotiated their deals in granular detail, with price lists, names of customers, and explicit references to the large quantities of drugs they sold, according to documents obtained by Motherboard from sources in and around the criminal world.

Only now is the astonishing scale of the operation coming into focus: It represents one of the largest law enforcement infiltrations of a communications network predominantly used by criminals ever, with Encrochat users spreading beyond Europe to the Middle East and elsewhere. French, Dutch, and other European agencies monitored and investigated “more than a hundred million encrypted messages” sent between Encrochat users in real time, leading to arrests in the UK, Norway, Sweden, France, and the Netherlands, a team of international law enforcement agencies announced Thursday.

The messages “have given insight in an unprecedented large number of serious crimes, including large, international drug shipments and drug labs, murders, thrashing robberies, extortions, robberies, grave assaults and hostage takings. International drug and money laundering corridors have become crystal clear,” Dutch law enforcement said.

In the Netherlands alone, “the investigation has so far led to the arrest of more than 100 suspects, the seizure of drugs (more than 8,000 kilo cocaine and 1,200 kilo crystal meth), the dismantling of 19 synthetic drugs labs, the seizure of dozens of (automatic) fire weapons, expensive watches and 25 cars, including vehicles with hidden compartments, and almost EUR 20 million in cash,” authorities said in a press release.

“I’ve never seen anything like this,” the source close to criminal users of Encrochat told Motherboard, describing the law enforcement action.

This is how they did it.

In May, some Encrochat users noticed a problem: the much lauded wipe feature on their phones wasn’t working. An Encrochat associate told Motherboard that at the time they believed perhaps either the user had forgotten their reset PIN number, or that the wipe feature wasn’t configured properly. Nothing to be alarmed about; users make mistakes. The next month, Encrochat managed to track down one of its particular X2 model devices which had the panic wipe issue, they explained. This wiping problem wasn’t user error though. The Encrochat associate told Motherboard they found malware on the device. The phone had been hacked. The associate told Motherboard the malware was specifically created for the X2 model. Besides disrupting the wiping feature, the malware was also designed to conceal itself from detection, record the screen lock password, and clone application data.

Realizing this was an attack, over the next two days Encrochat pushed an update to its X2 models to restore the phone’s features and gather information about the malware installed on its devices around the world, the associate said. “This was done to prevent further damage while we informed affected users,” they added. Encrochat put monitoring in place to be able to keep an eye on their devices without having to physically have it in their hands.

But almost immediately after the patch, the attackers struck again, this time seemingly harder. The malware was back and now it could change the lock screen password rather than just record it. The hackers were not stopping; they were escalating.

Going into full-on emergency mode, Encrochat sent a message to its users informing them of the ongoing attack. The company also informed its SIM provider, Dutch telecommunications firm KPN, which then blocked connections to the malicious servers, the associate claimed. Encrochat cut its own SIM service; it had an update scheduled to push to the phones, but it couldn’t guarantee whether that update itself wouldn’t be carrying malware too. That, and maybe KPN was working with the authorities, Encrochat’s statement suggested (KPN declined to comment). Shortly after Encrochat restored SIM service, KPN removed the firewall, allowing the hackers’ servers to communicate with the phones once again. Encrochat was trapped. Encrochat decided to shut itself down entirely.

“We then took the decision to immediately shut down the SIMs and the network,” the associate wrote. Encrochat suspected this wasn’t a rival company trying to mess with its infrastructure; this was likely a government. “Due to the level of sophistication of the attack and the malware code, we can no longer guarantee the security of your device,” a message Encrochat sent to its users read. “You are advises [sic] to power off and physically dispose your device immediately,” it added.

All of this came too late. Law enforcement had already extracted an extraordinary cache of data from Encrochat devices. Entire multi-million dollar drug empires nakedly laid out in reams of text messages and photos. In a press release published Thursday, French law enforcement, which spear-headed the investigation, did not go into detail about what the operation itself entailed, but said that, “The investigation made it possible to gather elements on the technical functioning of the solution [Encrochat], and led to the establishment of a technical device thanks to which unencrypted communications from users could be obtained.”

The French authorities also pointed to the legal mechanism that allows for the capture of computer data by such a tool “without the consent of the interested parties, to access, in any places, computer data, to record it, to keep it and to transmit it.”

The authorities had everything. Images of huge piles of narcotics laying on scales. Kilogram blocks of cocaine. Bags packed with ecstasy. Fistfuls of cannabis. Messages about planned drug drops and major deals. Photos of their family members and discussions of their other business

Right now, the criminal world is in disarray, their main way of communicating ruptured. Paranoid, some people are going offline, unsure of what devices to trust. Others are trying to cross borders before they are detained, the source close to criminal Encrochat users said. The source said that buying drugs in bulk just got a lot harder. They added, “Everybody’s going to ground.”

The messages stretched back months, with some in the documents dating to April, months before Encrochat discovered the malware.

Where Did These Phones Come From?

How did this phone work? Where did it come from? How was it distributed and sold?

On one of its related websites, Encrochat says it’s an “end-to-end security solution” that can “guarantee anonymity,” and that messaging using Encrochat is “the electronic equivalent of a regular conversation between two people in an empty room” for “worry free communications.” It says that “our servers, located offshore in our datacenter, never create, store, or decrypt keys, message conversations or user data.” The site states that Encrochat has resellers in Amsterdam, Rotterdam, Madrid, and Dubai, but the firm is highly secretive, and does not operate like a normal technology company.

Buying an Encrochat device is not always as simple as walking into a store. One current prison inmate who said they previously used Encrochat devices explained how they bought a phone from a specific contact recommended to them.

“He does have a legit shop but I didn’t meet him there. I met him down a side street and it looked like a drug deal,” the inmate said of how he got the phone. “I spoke to him by the phone and went to his city and met him.”

An EncroChat phone An EncroChat phone (Source: Twitter / @Misdaadnieuw2)

Encrochat’s phones are essentially modified Android devices, with some models using the “BQ Aquaris X2,” an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Encrochat took the base unit, installed its own encrypted messaging programs which route messages through the firm’s own servers, and even physically removed the GPS, camera, and microphone functionality from the phone. Encrochat’s phones also had a feature that would quickly wipe the device if the user entered a PIN, and ran two operating systems side-by-side. If a user wanted the device to appear innocuous, they booted into normal Android. If they wanted to return to their sensitive chats, they switched over to the Encrochat system. The company sold the phones on a subscription based model, costing thousands of dollars a year per device.

BQ Aquaris X2 Smartphone Review

The Other Ten Percent

In a statement sent to Motherboard by someone in control of a company email address, Encrochat positions itself as a legitimate company with customers in 140 countries, but sources in the criminal underground say that many of Encrochat’s customers are criminals. French authorities said they estimated that more than 90 percent of the company’s French customers were “engaged in criminal activity.”

Just imagine you are part of the ten percent…

In the press release, French authorities wrote “Despite the findings of the criminal use of Encrochat terminals [phones],” that they hope “users claiming to be of good faith and wishing to have their personal data deleted from the legal proceedings can send their request to the investigation department.” They also invited administrators or managers of Encrochat itself to contact them if they wanted to discuss the legality of law enforcement deploying the technical tool to read messages.

Encrochat is not the only company offering these sorts of phones. So-called “secure phone” companies often don’t have public-facing executives. Instead, they hide their ownership, and some have been caught conspiring with criminals. One company, MPC, was run directly by organized criminals, as Motherboard reported last year. Vincent Ramos, the founder of another secure phone company called Phantom Secure, which started as a legitimate firm, is currently in prison in part for telling undercover agents that he created the device to help with drug trafficking. These companies regularly hire distributors based in different countries or cities, who then help sell the companies’ phones directly to customers. Encrochat allegedly had ex-military personnel selling phones to criminals in at least one case.

c.f.: Professor James Duane: “Don’t Talk to the Police”

The Dutch Torture Chambers

To get a taste of the incredible stuff investigators discovered, here’s a particularly wild story from the BBC:

Six men have been arrested in the Netherlands following the discovery of seven shipping containers converted into cells and torture chambers. The containers were located in Wouwse Plantage, south of Rotterdam, after French police cracked encrypted phones used by criminals.

Dutch police said the containers were found before they were used, and potential victims were now in hiding. Inside the containers was a dentist chair with straps and handcuffs.

The suspects were arrested on 22 June following a Franco-Dutch operation to infiltrate the EncroChat encrypted phone system. After locating the containers in April in Wouwse Plantage, near the Belgian border, police put the area under observation and found that multiple men were working on them almost every day. When the containers were almost finished, investigators decided to intervene.

In one container, they also discovered police clothing and bulletproof vests. In another, they located pruning shears, scalpels and balaclavas.

Producer Feedback

Butterbeans chimes in from Tennessee:

Ok Fab, cracks knuckles, I’m a little late to the party because I just listened to episode 30 yesterday. I appreciate your analysis of the EARN IT Act (I understand its implications much better thanks to you), however, I want to push back on two things; the first is your opinion that the EARN IT Act will become law soon. There’s still a lot of political legwork that needs to take place before that happens. It’s likely to reach a full Senate vote in the Republican controlled Senate soon, but it’ll then need to pass in the Democrat controlled House and revisions may get made there. If so, the bill will get sent back to the Senate for approval again and so on. I could be wrong, and it may fly through the House as-is, but given its contentious nature, I’d be surprised if it arrives on Trump’s desk for signature anytime soon.

The second is regarding your statements about Twitter/Facebook’s obligations to police material on their sites. You suggested that Twitter shouldn’t fact check Trump’s tweets and hide behind the Section 230 shield, providing a platform for public discourse and nothing else. On paper, I think that makes sense, but reality is much different. Twitter/FB (and I mean FB in it’s many forms, including Instagram, WhatsApp, etc.) have essentially become the nervous systems of Western internet and dissemination of misleading information on these platforms have become fantastic tools for manipulation. The ability to target individuals with a level of granularity never before achievable is powerful and your opinion that individuals should do fact checking themselves overstates the desire, and perhaps the capability, of many people. Furthermore, Trump is the President of the US and should be held to a higher standard for what he disseminates to the public than the average individual. How would you feel if Merkel started promoting anti-vaxxer articles? Should she be freely able to do this because voters are responsible for their own fact checking?

Anyways, all I’m saying is that entities like Twitter/FB that have become part of the fabric of online social discourse must acknowledge the capabilities their platforms have for manipulation and shouldn’t hide behind Section 230 to provide a “dumb platform” and nothing else. Now, if you want to argue that these entities have become too big and should be considered for antitrust legislation, that’s something I’ll get on your side about!

Keep up the podding. Your friend in Jack Daniels land, Andy.

If you also have thoughts on the topics discussed in this or previous episodes, please feel free to contact me.

Toss a Coin to Your Podcaster

I am a freelance journalist and writer, volunteering my free time because I love digging into stories and because I love podcasting. If you want to help keep The Private Citizen on the air, consider becoming one of my Patreon supporters.

You can also support the show by sending money to via PayPal, if you prefer.

This is entirely optional. This show operates under the value-for-value model, meaning I want you to give back only what you feel this show is worth to you. If that comes down to nothing, that’s OK with me, pard. But if you help out, it’s more likely that I’ll be able to keep doing this indefinitely.

Thanks and Credits

I like to credit everyone who’s helped with any aspect of this production and thus became a part of the show.

Aside from the people who have provided feedback and research and are credited as such above, I’m thankful to Raúl Cabezalí, who composed and recorded the show’s theme, a song called Acoustic Routes. I am also thankful to Bytemark, who are providing the hosting for this episode’s audio file.

But above all, I’d like to thank the following people, who have supported this episode through Patreon or PayPal and thus keep this show on the air: Niall Donegan, Michael Mullan-Jensen, Jonathan M. Hethey, Georges Walther, Dave, Rasheed Alhimianee, Butterbeans, Kai Siers, Mark Holland, Steve Hoos, Shelby Cruver, Vlad, Fadi Mansour, Jackie Plage, 1i11g, Matt Jelliman, Joe Poser, Philip Klostermann, ikn, Jaroslav Lichtblau, Dirk Dede, Dave Umrysh, David Potter, Mika, Vytautas Sadauskas, RikyM, drivezero, Martin, Jonathan Edwards, Barry Williams, Silviu Vulcan and S.J.