Australian Federal Police Arrest Hundreds Using Data Gathered Through Backdoored Chat App
The FBI was able to trick criminals into using an FBI-developed app, ANoM, to communicate with each other. The app was distributed on phones configured specifically for using it and, starting in 2018, was distributed on black markets. This week, several law enforcement agencies worldwide searched hundreds of locations in a coordinated effort using information collected from the ANoM app. The raids led to 224 arrests, the seizure of 3.7 tons of drugs, and the disruption of 20 “threats to kill.”
Finally a "good" supply chain attack, and congratulations to everybody involved in executing just a massive operation. But maybe also a subtle reminder that your end-to-end encryption depends on the vendor doing what they promised.
The takedown involved about 4,000 law enforcement officers processing 25 million messages and executing 525 search warrants across Australia. It is estimated the ANoM app had 9,000 users worldwide. This is an excellent example of international cooperation of law enforcement agencies. Unfortunately, like burning a successful 0-Day, this also marks the end of the ANoM app's viability. Part of the decision to stop monitoring and making arrests was a blog posting (since deleted) detailing the behavior of the ANoM app, this March, which didn’t correctly attribute the backdoor to the FBI.