Dutch police snoop on criminal chats by intercepting encryption server
Dutch law enforcement says that over 250,000 messages sent by criminals through an encrypted service have been intercepted, leading to a number of arrests.
Security
According to Netherlands police and the public prosecution service, a money-laundering investigation led to the discovery of so-called BlackBox "cryptophones" which made use of the Ironchat end-to-end encryption messaging service.
In what law enforcement calls a "breakthrough in the interception and decryption of encrypted communication between criminals" (translated), police officers were able to intercept this communication and read messages between those believed to be part of the money laundering scheme.
See also: The police are now using artificial intelligence to spot fake robbery claims
It is important to note that the officers did not manage to break end-to-end encryption protocols, but rather, were able to compromise the implementation of encryption in this case. Access was gained to messages through the seizure of a server which, it is implied, routed the messages and contained the keys required to encrypt content.
By gaining control of this server, the police could have potentially intercepted the messages. In total, Dutch officers say they were able to read over 258,000 direct messages sent via Ironchat.
The mobile devices used for their messaging capabilities cost "thousands or euros," law enforcement added.
TechRepublic: Nearly everyone in UK has been hacked, 'lottery' determines investigation, police lead says
After seizing the server and snooping on the messages, the police arrested two men, who were 46-years-old and 52-years-old respectively. The men, believed to be the operators of the phone company, are suspected of money laundering and participating in a criminal organization.
A series of raids followed, leading to the closure of a drug lab and the confiscation of over €90,000 in cash, weaponry, and drugs including MDMA and cocaine.
The website and server related to the investigation have been taken offline.
CNET: Apple is building an online portal for police to make data requests
In total, 14 arrests have been made in connection to the operation, but "hundreds" more suspects are on the radar and are yet to be apprehended.
Law enforcement added that they had moved quickly as "retaliatory" action was expected due to suspected criminals believing that some among them were leaking information to the police.