What is EncroChat?

EncroChat was hacked by European police forces. It disrupted the global encrypted telephone network that criminals have used extensively since 2016.

Europol stated that the company offered an encrypted phone network which was widely used by criminals via French servers. Police forces finally seized the network after many failed attempts and were able collect hundreds of millions encrypted messages through it.

What is EncroChat?

EncroChat was the largest encrypted communication service in the world and had 60,000 users in Europe. There were also 10,000 users in the UK. Although the servers of EncroChat were in France, it is not clear who ran it.

Encrochat was a secure communication network that prevented messages from being intercepted. An EncroPhone was a modified mobile phone that users were provided. It could not be used for voice calls and could not be used for text messages. Instead, the EncroPhone came preloaded with private messaging apps that could send picture and text messages to other Encrochat users.

The devices were hosted on Encrochat’s servers and contained additional security features, including a burn facility that allowed remote deletion of phone data. If a 15-digit passcode is entered correctly, phone data will also be deleted. The handsets were connected to Wi-Fi signals, not mobile networks. For added security, features such as the microphone, camera and GPS were disabled.

These security measures made EncroPhones very popular with celebrities, high-net-worth individuals, and organized crime gangs. They all valued the anonymity and secrecy the platform offered.

EncroChat was used by criminals for a variety of reasons.

It was well-organized and many people trusted it over the years. Criminals felt safe enough to talk freely about anything: customer names, drug deliveries, assassinations, etc. Given what EncroChat had to say, their trust was understandable.

— Dual boot phones were available so that users could use the Android operating system to start their phones. Their phones would appear like an old-fashioned, normal model.

— There was a button on the phones that could wipe all conversations stored in the event of an emergency, such as an arrest or other situation.

— Because messages are not stored on servers, they cannot be seized or decrypted later.

— OTR cannot be completely reconstructed, unlike PGP.

EncroChat users were charged thousands of dollars each year per device for this service. These high fees could explain why EncroChat clients were often found in violation of the law. Many European criminals came to EncroChat after other providers were taken down or compromised by law enforcement agencies. According to the French police, 90% of users were involved in criminal activity. Only 800 of the 60,000 users were actually arrested.

The EncroChat Infiltration

Encrochat users were sent a text message in June 2020 advising them that their data wasn’t secure. Users were advised to immediately dispose of their EncroPhone. According to the statement, their servers were seized by “government entities”. Encrochat decided to stop operations for good.

After being repeatedly linked to criminal activities, the French Gendarmerie first became aware of the encrypted messaging system in 2017.

EncroChat was operating in France from servers they discovered. They were eventually able to “put a technical device into place” that allowed them access encrypted messages sent over the company’s network. It is unclear what the device was but it seems that the investigators were able “to put a technical device in place” which allowed them to access encrypted messages sent over the company’s network.

The information gathered from this process was shared across Europe with law enforcement agencies, including the UK’s National Crime Agency. Operation Venetic was codenamed and authorities were listening in on Encrochat conversations for several months before the security breach was discovered.

EncroChat Digital Forensics

CYFOR, as specialists in digital forensics, and criminal defense investigations experts, is well-placed to comment on EncroChat evidence being presented in courts throughout the country. Each case is handled by dedicated case managers who are sensitive to the time-sensitive nature of instructions and provide dedicated account management. Contact our team for more information on our EncroChat forensic services and digital forensic capabilities.