Angry Planet - The FBI’s Chat App and the Biggest Sting Operation In History
Episode Date: June 5, 2024
International criminal organizations are more concerned about message security than the average citizen. The end-to-end encryption of WhatsApp or Signal is great, but drug traffickers are looking for... a little extra. Enter services like Anom, EncroChat, Sky, and Phantom Secure—discreet messaging services that charged big bucks and promised criminals a chat experience free from the prying eyes of law enforcement. But the cops always find a way. And one of those services was actually purpose-built by the FBI to act as a spying tool on the world’s criminals.
In Dark Wire, investigative journalist Joseph Cox tells the story of how the FBI built and maintained a phone service just for criminals. He’s on Angry Planet today to tell us all about it.
Transcript
Welcome back, listeners to Angry Planet. We're on today with Joseph Cox of 404 Media, who's got a new book out called Dark Wire that I just finished last night. It is absolutely incredible. How are you doing, Mr. Cox?
All good. Thank you for having me. I'm excited to talk about it.
So this is one of these books that I'm reading, and every page is more ludicrous and crazy as the story unfolds.
There's a lot of amazing characters, but I want to start at the end, if we can, which is kind of in the subhead of the book.
This is the story of the largest sting operation in world history.
Can you define largest?
How many countries, say, are involved?
Yeah, I'm actually really glad you asked that because there's a few different ways to go about it.
So on this day, 7th of June 2021, when the FBI executed the sort of final stage of this largest sting operation,
there was something like 10,000 law enforcement officers acting in some capacity on that day, which is obviously huge.
You then have the data that they're acting on was collected from phones based in more than 100 countries.
You then have this Europol-based task force of around 16 countries, all collaborating as well, all as one.
So that all happens on June 7th, 2021.
But there's also another way to look at it, and I'm sure we'll drill down into this.
But if you zoom out, this actual operation was sort of part of a master plan impacting two other
investigations, one involving a company called EncroChat, one involving a company called Sky.
Don't need to worry about those right now.
I'm sure we'll get into it.
But then once you zoom out and look at that, something like 10,000 people were arrested as part of that grand master plan.
I don't know a bigger operation than that.
I'll say that.
So my editor was asking, like, can we put that as the title? I think that would be really good. And yes, I'm very, very confident. I've never seen an operation this brazen or this audacious in the law enforcement world. And I think that's key because whereas you may have mass intercepts and massive operations in the intelligence world, that's now moved over to law enforcement.
How long had law enforcement been building to that day?
Well, hold on, Matthew.
You are so deep in this story.
I have this feeling that, and probably both of you, building up to what?
Oh, I'm walking up.
Why don't we tell people what this is actually about before we ask all these questions?
I'm getting there.
There's this question, and then the next question is what you're asking.
Trust me, there's a process here.
Fine, fine, fine.
I've learned to trust Matthew's process just blindly.
That's because you're going to.
you haven't been working with them for nine years.
Right.
In some way.
So how long has it been building up to this?
I mean, something like three years.
The operation itself started in mid to late 2018.
And all of that time,
they're collecting intelligence, information,
sometimes acting on it.
And then it builds up to this massive day,
executing on that information.
So at the center of the story, looking directly at you, Jason, is this thing called Anom, and that is what the book is about, that kind of the whole operation swings around this. So what was law enforcement doing that allowed them to execute this massive sting?
Sure. So you mentioned Anom, and that was an encrypted messaging app slash custom
primarily sold to organized crime. There's a whole industry of these sorts of companies that will
sell highly customized, highly secure products to drug traffickers, to hit men, smugglers,
money launderers, all of those sorts of people. And Anom was one of those. Started in 2018,
as I said, and then got more and more popular. It, of course, had a massive secret, which is that
basically for its entire existence, the FBI was secretly running Anom. It was secretly managing
this company, pulling strings sort of behind the scenes like a puppet master. And crucially,
it had placed a backdoor into Anom to collect everybody's messages. That's how they were able
to get so much intelligence to eventually arrest all of those people to send out 10,000 law
enforcement officials into the field to act on this intelligence. And I just can't overstate how powerful
that backdoor was for law enforcement, especially when they're stymied by all sorts of other
encryption, either by, you know, those companies I mentioned broadly, or consumer tools like WhatsApp and
Signal, stuff that we use every day. And I think we all broadly appreciate. I certainly do.
This backdoor gave them not just one window, obviously,
but this mass of windows that they could look through
and spy on people who simply don't ordinarily get caught by law enforcement.
How do you deal with the question of entrapment in something like this?
Yeah, that always comes up.
And the FBI was very conscious of that.
And the way they went about it was that we're not going to sell
the devices ourselves. What we're going to do is we're going to let them spread organically
throughout the criminal underworld. So rather than the FBI setting a shop or something like that,
they try to emulate these other encrypted phone companies that always have networks of resellers
and they'll get the phones and then they'll sell them in a certain country like Spain or Germany
or Colombia or wherever. They'll take a cut of the proceeds. The money goes up.
Those resellers generally are pretty autonomous.
Like the FBI was not telling them, hey, go here and sell that.
So that's how the FBI sees that it gets around the entrapment angle.
I'm sure some defense lawyers are going to be thinking and have been thinking about some novel arguments against that.
But that's the FBI's position, is that we were the puppet masters, but we weren't on the ground selling the phones.
You know, we didn't demand that you get onto Anom; you, as a criminal, decided to.
To the point that they, the FBI indicted the people that were selling the phones for them in this sting, right?
Yeah, eventually, as well as all of those arrests around the world, the FBI and the prosecutors in San Diego, where this operation was led, they put this cruel twist in that they prosecuted the biggest sellers for the platform as well.
And, you know, I've spoken to some of those sellers, and they had no idea they were actually working
for the FBI. They thought they were riding on the wave of like the new hottest tech startup
in the criminal underground. And little do they know, they were actually basically doing the dirty
work for the FBI. Because to your earlier point, the FBI couldn't do that work for the reason
of entrapment. So they just got these guys to do it for them instead.
Let's back way, way up. So your book begins as kind of a history of encrypted
chat networks for criminals.
Things like Sky, Phantom Wires, what the story really begins with, EncroChat.
How do these things work?
Because like most of us, if we want to have a private chat with somebody, we use WhatsApp,
we use Signal.
It's end-to-end encrypted.
We generally know that we're pretty safe from somebody looking at it from the outside.
But when you're, you know, smuggling cocaine or, you know, trying to do murder for hire,
you may want an extra level of security.
Yes, I mean, it actually starts way back with Blackberries and sort of Blackberry messenger.
Way back in the day, this was what a lot of drug traffickers used because it was perceived to be more
secure.
They send scrambled messages.
Eventually, the cops got wise to that, especially Canadian police.
They got this global decryption key, and they could basically read every BB
message they felt like. Then some companies, underground companies, started running their own
BlackBerry Messenger servers, so only they controlled the keys. There were some more
investigations into those companies. And then there's this shift. And it sort of starts with Phantom
Secure, one of the companies you mentioned. And what they did was they installed Pretty Good Privacy,
PGP software, onto the phones. And this meant the keys were on the individual device. There
wasn't Blackberry you could go to, there wasn't some underground company you could go to and get the
key. You had to go to the individual device. And this is sort of what we all understand nowadays,
right, with end-to-end encryption with Signal or WhatsApp or whatever. So that happens. And then
Phantom Secure and other companies in the space, they do start to do even more radical stuff. They
physically take out the GPS from the phones. They take out the camera. They even take out the microphone.
So at the end, the encrypted phone isn't really much of a phone at all. It's like
this BlackBerry customized device with a QWERTY keyboard that can send encrypted emails. But that is
what, at least at the time, these drug traffickers want, because when the message or the email is
intercepted, the cops aren't going to be able to read anything. It's just going to be a complete
gobbledygook of numbers and letters. It's going to be completely garbled for them. And for a while,
drug traffickers really have like a leg up on the cops when it comes to this. I guess that kind of relates to
how I first got into this in the first place, because in 2016, everybody was talking about,
you know, iPhones and the San Bernardino terrorist attack and the FBI trying to get into that
phone. Very important issue. I covered it as well. But at the same time, there's all these
companies making these crazy encrypted phones. I'm like, that is where the drug traffickers are.
Like, they must be using stuff like this. And then the FBI caught up and Dutch law
enforcement caught up as well. So there's this constant cat and mouse game, as there always is in
intelligence or in law enforcement.
But for a good while with these encrypted phones, as I said, the cops were, sorry, the criminals
were further ahead than the cops because they had like this technological leap.
It was, I think it was the most significant technological upgrade for organized crime
since like the creation of the mobile phone.
Essentially what they're doing is they're buying off the shelf phones and then they are
wiping them and putting in purpose-built software.
Yeah, exactly.
And then there's all of these other bells and whistles
and they may put on, which may be like,
oh, we'll remotely wipe the device as well
if it falls into the wrong hands,
which is not the same as the Apple iCloud sort of wipe.
This is more you contact Phantom Secure.
Hey, the police have my phone.
Could you wipe it?
Sure thing.
I don't think Tim Cook at Apple is really going to do that, you know, necessarily.
Did the devices actually smoke?
you know, like the reels from Mission Impossible or anything exciting like that?
No, but I bet they wish they did because these people love like security fish and the pantomime.
They love over-the-top marketing.
So if they could, I bet they would, to be honest.
What kind of marketing?
What does that marketing look like?
Well, yeah, so there was a media report later on where I think ABC News said that
Phantom Secure phones were linked to an assassination between bikers in the country.
The phones were very popular with biker gangs.
So one of the sellers took that piece of news that was on the TV and turned it into a YouTube
like sizzle reel and with like uncrackable and all of the ladies terms flashing around.
And they have Instagram profiles.
Like I've scrolled through the Instagram profiles of some of these people and they're showing off their Louis Vuitton bags with like big Rolex watches and stuff.
there is definitely like a brand element, like a marketing element here.
Right. I remember that there was a local news report where a cop came out and like had the phone and said like, oh, this is completely uncrackable.
And then they turned that into an advertisement for that particular brand of encrypted phone, right?
Yeah, yeah. It's, um, they're, because there's only so many people who buy phones kind of for crime because there's only so many criminals.
Right. So they need to convince people to migrate from one platform over to theirs, essentially. It's not like the iPhone or normal Androids where there's theoretically an infinite customer base as more and more people enter middle class or whatever. It's like there's only so many criminals, generally speaking.
You talk about a bunch of these different companies in the book, kind of before Anom comes out. What is the line for a company like Phantom Wire, like Sky,
between we're selling an extra level of privacy and we are facilitating crimes.
The line is basically when the company or its leaders cross over into deliberately facilitating criminal activity.
Now, that can be a very, very difficult thing to prove, right?
Which is why when authorities did end up investigating Phantom, they did this undercover operation
where these people, they present themselves as drug traffickers and they say we'd need to buy a bunch of
phantom phones for our drug trafficking operations and they're very, very explicit about it.
And rather than Vincent Ramos, the CEO, saying, I'm not interested, I'm not going to do that,
he not only offers to sell them, but offers to go a little bit further by, yeah, we can keep the GPS
functionality in if you need to track down a mole or an informant or something like that.
And that is, that's the key point that across the...
is over. But of course the US has something else that is very, very beneficial to law enforcement
to try to shut down these phones, which is RICO, the racketeering, oh my God, what is it,
racketeering, influenced corruption, so funny, I can't remember this. I can see you're Googling.
Racketeer Influenced and Corrupt Organizations Act.
There you go. So, as we all know, that's generally used to target mob bosses, right?
because they're mob bosses, they don't really get their hands dirty. They're not going out, at least
traditionally, and doing the killings themselves. So what the US could do was that they could use
RICO against some of these phone companies and treat them as a criminal entity in its own right.
And now that was impossible in Australia, where those bikers were assassinated. It was impossible
in Canada where Phantom and Sky and some other companies are based. So the US has this very novel,
very powerful legal mechanism to go after these companies. Because,
you know, running an encryption product, making one, selling privacy software is not a crime in
and of itself, nor should it be, in my opinion, right? You don't want to be clamping down on
VPNs or Signal or anything like that. But to answer your question, it's when they cross
over into deliberately facilitating that criminal activity. And the remote wipe can sort of do
that as well. Like if somebody says, hey, there's evidence on my
phone, the police are trying to get, please wipe the phone and they do it, well, that's obviously
obstruction of justice as well. With different laws in different countries, right? I mean,
you don't have RICO acts everywhere, or at least not precisely. How do you bring a law
enforcement operation like this together? And how do you agree on charges or do you need to?
Yeah. So it's one overarching investigation. And then there's
all the little parts underneath it. So in the Phantom case, they do end up charging the CEO under
RICO. With Anom, this massive investigation as well, they do use RICO to charge the people who
sold the phones for the FBI as well. And the San Diego prosecutors can do that because, at least
from my eyes, and I think what they've told me as well, the prosecutors of San Diego are pretty
bullish and they will go out and they will try to prosecute crimes that impact people all over the
world as long as there's some sort of nexus to San Diego and through a very long series of
incidents they were able to do that because the first encrypted phone they got hold of was due
to belong to a drug trafficker who was based in San Diego and you can draw like this very
convoluted line between that arrest to then shutting down Phantom Secure to them running
Anom, then arresting all those people. But in their eyes, that's the through line. And, like,
now we're San Diego and we can wire it up the world, basically. And it's funny, I've even had, like,
especially European journalists reach out to me and ask, like, why do you think the FBI
did this? Like, it was all over the world. Like, why would the FBI do that? And I'm just like,
have you, like, spoken to the FBI? Have you, like, read about U.S. law enforcement or intelligence?
Like, this is fair game. It would actually be much more difficult, and it was
much more difficult to do it domestically in the US. To do it internationally, that's way,
way easier actually for the FBI. And in some cases, the prosecutors as well. But then to answer
your question a little bit more, when it comes to, okay, well, now we found drug trafficking in
Sweden or the Netherlands or something, those prosecutions will be handled by domestic agencies.
Like the Swedish authorities will charge whoever they've collected information on when it
comes to the drug trafficking. But when it comes to charging the encrypted phone company or the
sellers of that, the US handles that part. You just touched on something I think is really,
there was a really bizarre wrinkle of the story for me too. So the FBI builds this thing.
And I do want to talk about like how and why that ends up happening. But they don't use it
on US soil. It is mostly an international project. How does
the FBI build a backdoor into the world's international, like, crime syndicates and then
not use it at home? Yeah. So first off, I'll explain how they built it generally,
for the international part. And it starts with they need to find somewhere for all of the
Anom messages to be collected. And they're kind of almost making it up as they go,
because it's an operation in flux, but they need to be getting these messages collected and stored
somewhere. So what they do is that they find a third country. The second being Australia, which
ran sort of a beta test, just to prove that the backdoor worked. And eventually they settle on
Lithuania. The FBI and the prosecutors really don't want that public, but I found it out,
and I published that a while ago and go into more detail in the book. So what happens is all of the
Anom devices all over the world, they send their messages
to a server in Lithuania.
Lithuania collects them, processes them.
And then under a mutual legal assistance treaty, an MLAT,
it provides them to the FBI every Monday, Wednesday, and Friday.
Now, an MLAT is basically a nice little agreement between two countries to trade information.
Sometimes countries use it to get information out of American tech companies like
Meta or Snapchat or whatever, and they can use that mechanism.
What was nice here for the FBI was that, well, we got it as an MLAT from Lithuania,
so it basically came with no strings attached.
Like it's not a warrant.
It's not a wiretap.
It's like, here's a package of data.
Here you go.
And they could rummage through that no matter what country had been collected from,
except for one key distinction.
And as you suggest in your question, that was the US.
Now, as they're developing this operation legally, operationally,
logistically and technically, they kind of put the US problem to the side, because that's going to be
very, very complicated. If a phone arrives in the US, well, do you get a search warrant?
Like under the Fourth Amendment? Do you get a wiretap order? There's all those questions.
They start laying out the groundwork for, okay, we think it'll be a wiretap order.
And maybe we'll work with the LA field office to do that as well. They make all of this boilerplate
language. And when Anom phones do land in the country, and I confirm that they did, they send off
an application to the Office of Enforcement Operations, the OEO. This is the part of the DOJ in main D.C.
that approves every single wiretap in the country. Like, if you don't get their approval,
you don't get your wiretap. I think people realize how hard it is actually to get a wiretap
sometimes in the States. But they do that. And according to, you know, multiple people I spoke to,
including Andrew Young, the main prosecutor during this part of the operation,
OEO just sits on it and they do not approve it.
And it drags on for months and months and months,
and it becomes clear that OEO just does not want to have any part of this.
Andrew Young ends up quitting because he's getting sick of all of this bureaucracy.
But the end result is that the FBI can't read any messages inside the US,
which I think is interesting.
It shows that the DOJ is not some sort of monolithic entity.
You have these agents in San Diego and the prosecutor
in San Diego as well, trying to do this audacious worldwide operation. And then some people in
main D.C. are like, we don't want anything to do with this. So the end result was the FBI couldn't read
any of those messages, even though they thought they could probably arrest another 500 people or so
easily in the States. And it's not like the US is immune to, you know, obviously drug trafficking,
but then stuff like public corruption that was appearing in all of the messages worldwide. They were
like corrupt officials, corrupt people at airports and at sea ports as well.
There must have been stuff like that happening in America as well, but they couldn't do it.
Yeah, it's funny how this is a, almost a classic Silicon Valley disruptor story.
So this office in San Diego that decided they're going to do this and they just kind of
barrel forward until someone, I think that you even have the line, somebody says that we're just
going to do this until someone tells us to stop.
And just kind of go forth and then in the end, they can't use it in the United States.
But damn, do they make use of it all over the rest of the world?
Yeah.
I mean, and it just becomes this incredible intelligence tool where they end up just drowning in messages, essentially.
Yeah, and they end up in this strange place where these phones proliferate.
They get a good reputation.
The criminals start buying them.
people are reading the messages.
If you are the law enforcement agencies sorting through all of this,
how do you decide what to act on and what not to act on?
Because there's a line, right?
Like you want to stop certain crimes,
but you also want to make sure that nobody figures out that you've got a backdoor into this network.
How do they manage that?
Yeah, it's a constant tension throughout the entire book where,
even though they did do this big bang at the end where they arrested a ton of people, in the lead-up to that, they were intercepting some drug shipments.
They were acting on threats to life where, you know, an assassination might happen.
And they really had to balance, well, is this one big enough and worth investigating?
Because if it's too small, we may be burning the entire Anom platform over a single crime, right?
Because if you see a drug shipment and you go intercept it, they go, the criminals
are going to start thinking, well, how the hell
did the authorities know about that?
And maybe they would suspect the phones.
What actually happened in lots of cases
is they suspected each other,
then they tried to kill each other,
and then the FBI would have to try to stop that assassination as well,
and then stop that assassination.
It was sort of an endless cycle of violence.
But it's a constant question for all of the officials involved.
And, I mean, there are some examples
where a Swedish official I spoke to,
they were going to raid some sort of lab or a warehouse, and the officer on the ground
phoned her and said, okay, we just want to make sure you want to do this.
This isn't going to impact your source, right?
And she had to pretend to, you know, hang up, and then I'm going to go talk to my source.
And she's just twiddling her thumbs because it's all bullshit.
She's actually just getting the messages from Anom.
But she had to lie to her own colleagues to keep the integrity of the operations.
And I think as it got closer and closer to the end, it just became clear that that was untenable.
Like, that was not going to be possible.
It wasn't going to be possible to keep Anom secret, under wraps, for like a ton of different reasons.
And that was one of the main ones.
What's the end?
I don't mean like, you know, what actually happened.
But how did they decide, you know, to close it up and start arresting people?
Yeah.
Well, the foreign counterparts, they didn't want to stop.
They were getting this mountain of intelligence, this like incredible gold mine of information.
And they told the FBI, like, we don't want to.
We want to continue getting these drug shipments.
This is amazing.
When are you ever going to get a chance like this again?
And then there are two main reasons why they did stop.
The first was that Lithuania's court order was going to run out on around June 7th, 2021.
Now, maybe they could have just got another court order.
You know, I think that's absolutely possible.
And the San Diego FBI told me that as well.
So that's sort of half reason, I guess.
The main one is that it was just becoming so difficult to maintain tempo with the amount of messages.
It got to the point where every other day there was something like 30 new criminal syndicates joining the platform.
Eventually, they were getting a million messages a day, which all had to be reviewed not just for drug shipments, but for threats to life, right?
Because if you miss the one message where somebody says,
we're going to go kill this guy at this time,
or obviously they might not even be that explicit.
It may just be like, go kill the guy.
If you miss that, people may die.
And at least one person did die due to a murder planned on the FBI's platform,
is what I found.
So it just became impossible to maintain tempo.
That became clear as early as like early May.
So then they had this month to figure out, okay,
how are we actually going to shut this down?
How are we going to arrest as many people,
many of these people as we can at one point?
It was almost too successful, basically.
And in total,
Anom had something like 12,000 users,
whereas Phantom was around 10,000.
Like, it was actually more successful
than some of the, you know,
real criminal encrypted phone companies.
But it was just the FBI doing it the whole time.
Right.
When you build this thing,
after a certain point, you become responsible for everything that happens on it, right?
Yeah.
And even though legally it wasn't a wiretap in a very particular legal sense,
ethically, they had to treat it as such.
Like if you're listening to a wire,
and you can imagine going back to the stereotypical image from the wire show,
when you have your headphones on, you're listening to tape or whatever,
if you hear we're going to go kill that person, law enforcement has an obligation,
ethically to try to do something about it, you know, warn them or move them or intervene or
something. Now imagine that on literally a global scale in more than 100 countries with a million
messages coming in every day. Like, I'm not surprised that they had to shut it down. I am surprised
they didn't fully leak. Like some people did start to get suspicious at the end, but I'm surprised
that this lasted for as long as it did, what, three, three years, something like that in total.
All right, Angry Planet listeners.
We're going to pause there for a break.
We'll be right back after this.
All right, Angry Planet listeners, welcome back.
We are on again with Joseph Cox.
One of the things I think that sets this book apart from other kind of nonfiction in the same space
is that you have such wonderful, bizarre characters.
My favorite being probably Microsoft.
And I bring this up in the context of like, how did they not know?
Because he's a guy that is constantly getting his drug shipments taken away from him, to the point that it ruins his entire life.
And yet is one of Anom's biggest supporters.
So can you kind of tell us who Microsoft is and what his journey is?
Yeah, so Microsoft, his real name is Maximilian Rifkin.
I used Microsoft, because that's just a really funny nickname.
Like, I just get to say Microsoft smuggled drugs over and over and over again in the book.
He had a friend in prison called Linux.
I would rather, you know, be that.
But he is a prolific drug trafficker.
He, you know, orchestrates these twilight drops of 400 kilos of cocaine by speedboat at night.
They call that a James Bond job when they do that.
He talks about getting an airfield,
I think in Denmark, to smuggle planes. He talks about a yacht to smuggle hash drugs inside energy drinks
by using a corrupt worker inside the factory. Just like every single harebrained scheme you could
possibly think of, Microsoft has probably either thought about it or done it, basically. So he joins
Anom after another company called EncroChat gets hacked by the police and gets shut down.
because there's this vacuum in the market.
And we need some more,
we need another sort of brand of encrypted phone.
He joins Anom,
not just as a user,
but someone who could sell the devices as well.
And, you know, he's very successful at that.
And he's spreading it throughout Europe,
especially Sweden.
It then goes to, um, uh, Colombia as well and spreads it to people over there.
And all the while he's doing encrypted phone stuff,
he's also doing his drug trafficking
operations, including opening an amphetamine lab inside Europe.
When the FBI starts sharing messages from Anom with the Swedish authorities,
of course, they realize, huh, Rifkin, who they know about Rifkin, but they don't know about
his wider operations. And they discover he's running an amphetamine lab like in our backyard.
Like, that's outrageous. That's crazy. So eventually, you know, they decide to shut it down, that sort of thing.
And basically what goes from there, without spoiling sort of every seizure in the book,
but again and again and again, the authorities hit Microsoft where it hurts, which is by seizing
his drugs.
And it gets to the point where some of his cohorts are saying, man, it's the phones.
There's something wrong with these phones.
Like I just gave one to a colleague in Gothenburg, and now they've just been busted.
Like, it's got to be something to do with the phones.
He just does not believe it.
He says, no, it's not that. It's probably Sky or this guy spoke. And I just could not believe
the amount of blind faith that he put into Anom. Like, you could not ask for a better arc of a
character. Obviously, this is a work of complete non-fiction. Literally everything in this book
happened is true. It's been fact-checked. It's based on hundreds of thousands of Anom messages I've read
and all the people I've spoken to in and around the company. And this guy just
believed it the entire time until, you know, eventually the FBI comes clean and reveals, obviously,
we've been running it the entire time, and Microsoft realizes, oh, that's why all my drug shipments
have been seized. It's just, I love him as a character. It was incredibly fun to investigate
him and build this picture of him, most of which is done through, I said hundreds of thousands of messages,
that's from tens of thousands of pages of the messages,
and just reading those and having them translated,
I think every day for three months it took me
to read basically every message I have about Microsoft.
His colleagues call him the...
Or some of his colleagues call him the fool, right?
Yeah.
I mean, because he's an idiot, basically.
Like, I mean, he's very successful in one way,
but in another part, he can hyper-fix...
In case you haven't been able to gather, he can hyperfixate on the wrong thing. And he does that
where he obsesses with moving the drugs from a certain safe house when it's actually not really the
right time, or he starts to sell his drug shipments on credit. So he doesn't actually have the
drugs yet. Like, they're coming, they're coming. But I will sell them to you sort of in advance.
And, okay, that's very precarious. You know, but what happens if the drugs don't arrive? And, of course,
that ends up happening. So, yeah, behind his back, his colleagues, his associates, they get
very, very sick with him to the point where I've been told by Swedish authorities that people
wanted him dead, basically. Well, so he was lucky to get arrested. Yeah. I mean, I think it's
actually good for his physical safety that ended up being the case. Right now, at the time of writing,
at the time of speaking, he's in Turkey, I believe.
That's where he eventually, you know, migrated to, I guess I would say, to be with a bunch of
other drug traffickers.
He was arrested, and right now, is he going to be charged there?
Is he going to be extradited to Sweden?
Will he be extradited to the US?
I actually think he'll probably stay in Turkey, but that could change.
You know, Turkey is a pretty safe hotspot for criminals, so it has been up until very, very
recently over the past five years.
So maybe I'm wrong.
And maybe he'll be in a Swedish cell, you know, by the end of the year or something.
Another person I wanted, two other people I want to talk about, a great contrast to Microsoft
is one of the, the programmer you tracked down that helped build this thing, a teat?
Yes.
So that's a fake name that I gave them, yeah, which I gave to them just because,
was a couple of things.
So some of these developers
technically signed NDAs
to not talk about the operation.
Of course, they thought they were working for
a real app development company.
They didn't realize they were working for the FBI.
That's neither here nor there.
Beyond the NDA, the real issue is that,
you know, what if people suspect
that they were actually part of this FBI operation?
Like, oh, it's the developer's fault
and now I'm going to go hunt them down and hurt them.
That's not true.
That's not the case.
This person who I spoke to, he would just wake up every day and would, you know, code the app that he'd done like many other times for any other Android development company and fix bugs and work on the back door, that sort of thing.
To his understanding, the back door was so the corporate clients of Anom, you know, like ordinary companies, could archive messages, which is actually very, very common, especially like in banking and that sort of thing.
Like you may have a secure messaging app, but you need to keep copies somewhat securely in case, I don't know, there's insider trading or something and we need to go figure out what the hell was going on.
So he wasn't suspicious at all until one day he's laying on his bed and he goes to the Anom website and there's this big banner saying the FBI has seized this website.
And he was shocked.
I just love the image of him waking up every morning in Southeast Asia and rolling over in his bed and his pajamas
and just picking up the laptop and just getting started, just working from bed.
Dude, he's just like me for me.
Exactly.
Yeah, yeah.
There's one thing I wanted to point out about these phones that people, they might be
picturing something that isn't a regular phone, right?
They are totally normal looking devices.
I mean, the glass front.
And I mean, I figured they were based off something.
But, yeah, I mean, you could hold on to this,
you wouldn't even, you'd have no idea what you had, right?
Yeah, so they're based primarily on Google Pixels.
They did use some other devices when they needed to, but it's usually a Google Pixel device.
And as you say, it looks like a totally ordinary phone.
There's even a bonus feature in Anom where you can boot the operating system into a second system.
And it will just have a bunch of dummy apps like here's a streaming app, here's Candy Crush,
here's email or whatever.
Those apps don't work.
You can't click on them and nothing happens.
But to your point, it's if a police officer snatches the phone, you can quickly boot into
that, hopefully, before it's been taken, obviously, and be like, hey, look, it's a normal phone.
What are you talking about?
And I guess, hope that they don't try to play Candy Crush on your phone.
But, yeah, it's a combination of security through obscurity, like it looks like an ordinary phone,
and it can be somewhat effective.
And then basically the security theater of the fake apps, like, that's,
that's stupid.
You know what I mean?
That's not actually secure, but it's funny.
And these gangsters love that stuff.
It really is funny.
I love it.
That's fantastic.
Do you have one of these phones?
I do.
Oh, lucky dog.
So it's here.
I mean, obviously, listeners can't see it.
But it just, yeah, it just works like an ordinary phone, looks like an ordinary phone.
I haven't turned it on in a while because,
now the FBI has shut down the Anom network. I think they may have pushed a wipe device to all of the phones. So I'm just like not turning mine on. So it never arrives. I'll have to turn it on in a Faraday room or Faraday cage or something. But yeah, I'm holding onto it for the moment. Obviously as a collector's item for myself. But yeah, I mean, I actually went to this. So in the San Diego FBI when I went to the agency, they have a museum in there from all of their past operations.
There's all these books and stuff, and there's, like, posters or whatever.
And I'm like, where's the Anom phone?
And they're like, oh, we don't have one.
What are you talking about it?
If I could get one, just put one in the museum, man.
What are you doing?
How'd you get that phone?
So after the FBI went public with Anom, a lot of these users try to sell them on the secondary
market, on eBay, on Gumtree.
And you can see those archived
listings. And then there was, it was on some sort of Android developer forum. Somebody posted saying,
hey, I bought this like Google Pixel phone, but it's weird. It doesn't really do anything.
When I boot it, it says it's running Arcane OS. I have no idea what that is. I, of course,
knew that Arcane OS was a custom operating system for Anom. Like, there's no other tools that use it.
So I message that person, like, for the love of God, please let me buy this phone off you. I'll just give you whatever you pay for
I'll sort out shipping. That's fine, journalistically, in my opinion. And then I got hold of it. And I actually did a piece on it back at Motherboard, the tech section of Vice, where I played around with it. But yeah, they're out there if you can get hold of one. But I think, as I said, if they're wiped now, it may be a little bit harder to track down.
So I want to back way, way up a question I should have asked a while ago. How do they decide, how does the FBI decide that they want to do this?
I know they'd swept up, at some point, they'd swept up the CEO of Phantom Wire, and they get him in a room and they say, hey, build us a backdoor in Phantom Wire, and everything's going to be okay for you. He resists, that doesn't end up happening. But the kind of the dream of building a backdoor into all of these criminal encryption networks persists. How does that dream become reality?
So it starts way back when they find their first Phantom device, which is from the drug trafficker
called Owen Hansen. You know, he was very big, lots of cocaine across the States into Australia.
They arrest him, and he's using this phone. They manage, the FBI manages, to get into the device
because Owen kept the default password on the device. I don't know exactly what the
password was, but it's basically equivalent to like 0-000-0 or something. So they get in and they see
this insane number of messages all about drug trafficking. And he's only been using it for a short
period before that because he would cycle through the phones. But seeing all of that content,
they couldn't with an ordinary wiretap, it planted the seed of an idea of like,
huh, what if we could see the messages on all of these other Phantom phones? Like, wouldn't that be
amazing? And then that's why they start investigating Phantom. That takes a lot,
a long time.
They, as I said, arrest the CEO.
Before they did that, they did try to convince Ramos to put a back door into Phantom.
For various reasons that didn't happen, the primary one being, as I do tell him in the book,
he goes on the run and basically tries to flee and the FBI hunting him down in this
very, very dramatic manhunt.
So they don't get their back door.
But again, they're still thinking about it would be amazing to see those messages,
and crucially, the shutdown of Phantom and the arrest of Ramos, I mean, it signifies something,
which is that the FBI isn't going to allow these companies to exist anymore.
They are going to come and they are going to pursue them and they are going to shut them down.
And that's, of course, when AFGU, the pseudonymous original creator of Anom approaches the FBI.
And it's like, I have this company.
Do you want to take control of it in exchange for, you know, a lesser sentence for charges I may or may not face down the road?
Because it was just clear the game was up, you know?
Like, we've been selling phones to organized criminals for years, if not more than a decade at this point.
We're not going to be making that money anymore.
So I should probably get out of the game.
Yeah, so they had somebody early on that just kind of walked forward and said, hey, let's work together,
because I don't want to spend too much time in jail.
Essentially, yeah.
And if you think that, obviously, if you're an informant and you give information on one gang,
you can be killed for that.
If you're somebody who's providing the technological infrastructure to spy on hundreds of criminal syndicates around the world,
you can imagine the threat that this person would presumably be under as well,
which is why I'm very, very careful in the book to describe them in fairly vague terms,
but to the point where, of course, a reader can still get an idea of why this person is important and how they go into that position.
So another fascinating part of this book is, and I would say that what these chats do, big picture, is give people a vivid picture of what international drug trafficking looks like in a way that we really haven't had ever before, right?
Yeah, I mean, even the law enforcement officials I spoke
to were blown away by the content that was in here. And that's not just the Anom stuff. That's also
the hack of EncroChat I mentioned and then European officials hacked Sky as well. And one Europol official
I spoke to said they've basically tripled their estimates for how much money is actually involved
in the, you know, at the underground drug trade or organized crime more broadly. It completely
peels back the curtain of what is actually going on in organized crime, both on that macro level
with, as I said, the massive amount of cash involved in it, or sort of its value of the
underground economy. But then even the super specific stuff, like, oh, we're going to smuggle
cocaine by hiding it in stone slabs or something. Or we're going to take the cocaine, put it in
some sort of fertilizer, and then when it gets to the other end, we'll do some chemical, you
know, trickery and we'll extract it, then we'll have the cocaine again.
So they learned an incredible amount about how organized crime functions.
And like, arguably, maybe that's actually more valuable than the arrests themselves.
When you arrest people in organized crime, other people take their place.
You know, there's a vacuum and then more people step up and then do that.
You can't arrest everybody.
That would obviously be insane.
But now with this information, law enforcement agencies know what to look for when it comes
to drug shipments.
Was this operation an unadulterated success?
Usually you hear about how the FBI fucked up, let's be honest.
So, you know, I'm a little suspicious.
Yeah.
So first on the success side, the FBI sees it as a success for two ways.
The first is that, you know, they seized tons of cocaine, they arrested all of these
people, okay, all great if you're following those metrics. The second is that, and this was always
a goal of theirs, they wanted to shatter trust in the encrypted phone industry, as in, well, now that
we've run our own company and revealed it, organized criminals are going to be much more suspicious
of any other phone on the market, and maybe they won't use them. Maybe they'll move to mechanisms
or techniques that we can more easily monitor. And I don't know if they've been fully successful at that,
but, you know, I've spoken to phone sellers and drug traffickers, and the phone sellers especially
are like, it's impossible to build a customer base now because everybody is so scared that the next phone
could actually be run by the authorities. So that's broadly a success, I would say. But then I was
speaking to European officials, and especially those in Sweden. And on one side, the number of shootings
in Sweden went down. Sweden is very, very violent when it comes to organized crime, like the
heaviest concentration in Europe or one of.
And shootings there went down after the EncroChat hack, which looks great, right?
But they've actually gone up again.
And one of the Swedish officials I spoke to, she said that, you know, we keep seizing these
shipments of cocaine and then we arrest all these people.
The cocaine just keeps coming.
And she left it as an open question.
But like, the fact that she was even questioning, is this even the right thing?
Like, are we doing the right approach
here? That was crazy to me because I've heard that obviously a ton of times from former law
enforcement officials about maybe this approach on the war on drugs is wrong. I'd never heard it
at least that bluntly from a current official like who works on intelligence, you know.
So maybe that's a silver lining of yes, there were pockets of success, but maybe it shows
some law enforcement officials that maybe there needs to be another way to deal with organized
crime here rather than just seizing drugs and arresting people. Maybe there's some other
aspect to it that we're kind of neglecting.
In the end, I was kind of fascinated how this is a story about the war on drugs.
And even in the midst of a wild success, there is this soul searching and failure
because it did not seem to affect the markets at all.
Yeah.
Yeah.
Organized crime obviously continues.
And I guess it's obviously quite unfair to say, well, Anom
didn't solve organized crime, so it must be bad. But, you know, it does highlight that even
when you do the most brazen, the most audacious, and the largest sting operation ever,
it amounts to like a rounding error on the master's spreadsheet of organized crime. Like,
how many unprecedented operations do you need to do to actually fix the problem? Obviously,
you can't do that because at some point they're going to become the norm. And that's what law
enforcement wants, actually. One Europol official I spoke to, they said, these investigations are great,
but we want these all the time. We want to be able to access encrypted messages all the time.
And that's also what we're seeing in Europe where they're pushing for legislation to, you know,
scan encrypted content for CSAM, you know, child abuse imagery with talk of also expanding that
to other sorts of crimes as well. I think the enormous operation is something of a warning that,
okay, it's targeted mostly criminals. It was a success in some ways. But they're not going to just
stop, even when criminals move to Signal or Telegram or other apps. The FBI isn't just going to,
you know, clap its hands and go, okay, well, let's go home then, job done. No, they're going to do
something else. And it's what happens now, which has a lot of people concerned.
Mr. Cox, where can people find the book? If they want to see pictures of Microsoft,
they want to learn about AFGU, they want to hear the wonderful story of Phantom White.
They want to learn about FBI agents sitting in the San Diego offices, slowly watching these messages and going crazy.
You can find Dark Wire wherever you buy books, be that the publisher's website or Amazon or Barnes & Noble, wherever.
If you pre-order, you can get bonus content, but it may be too late for that.
So otherwise, with the hardbook, the hardcover, there are photos in there.
Yes, of Microsoft, lots of other details.
And we are going to be talking a lot more about this on the 404 Media Podcast that I host,
along with other 404 Media co-founders.
So if you're aching for more, definitely come over there as well,
and we'll be drilling into even more details.
Joseph Cox, thank you so much for coming on to Angry Planet.
Thank you so much.
That's all for this week,
Angry Planet listeners. As always,
Angry Planet is me, Matthew Galt, Jason Fields, and Kevin O'Dell.
It was created by myself and Jason Fields.
Did you know that if you go to AngryPlanetPod.com and sign up,
you can get commercial-free versions of the mainline episodes, bonus episodes, and even written work?
Later on this week, we're going to be checking in with Jason Wilson from The Guardian on the new right.
I've talked to Christopher Hooks about the Daniel Perry killing.
There's all sorts of great stuff coming down the pipe in the next couple weeks.
Again, go to angryplanetpod.com, sign up there.
You'll get an email that walks you through
how to get all of your bonus stuff.
We will be back a little bit later this week
with another conversation about conflict on an angry planet.
Stay safe until then.
