The CEO of an encrypted messaging and device company is now under arrest, after international authorities collaborated to break its encryption code and then spy on messages for three weeks before moving to arrest key figures, in the process “forestalling” dozens of criminal activities.
The U.S. Department of Justice (DoJ) last week announced an indictment against Jean-Francois Eap, the CEO of encrypted messaging company Sky Global and an associate for “wilfully participating in a criminal enterprise to help international drug traffickers avoid law enforcement”.
Eap (also known as “888888”) and Thomas Herdman, a former high-level distributor of Sky Global devices, have been charged with a conspiracy to violate the colourfully-named federal Racketeer Influenced and Corrupt Organizations Act (RICO), according to warrants issued for their arrests.
“The indictment alleges that Sky Global generated hundreds of millions of dollars providing a service that allowed criminal networks around the world to hide their international drug trafficking activity from law enforcement,” Acting U.S. Attorney Randy Grossman said in the announcement. “This groundbreaking investigation should send a serious message to companies who think they can aid criminals in their unlawful activities.”
Specifically, the indictment alleges that the company “knowingly and intentionally” sold its encrypted communications devices to criminal organizations involved in the transnational importation and distribution of narcotics, used digital currencies such as Bitcoin to conduct illegal transactions on the firm’s website and protect its customers’ anonymity, and obstructed investigations of drug trafficking by “remotely delet[ing] evidence of such activities.”
A Wave of Law Enforcement Action
The development comes on the heels of a coordinated exercise called “Operation Argus” and “Operation A-Limit,” in which law enforcement agencies from Belgium, France, and the Netherlands announced major interventions against the messaging platform to disrupt the illegal use of encrypted communications by large-scale organized crime groups (OCGs).
By successfully breaking the encryption protections of Sky ECC in mid-February, authorities said they were able to decipher over half a billion messages and gain “invaluable insights into hundreds of millions of messages exchanged between criminals,” culminating in a series of nearly 275 raids and the arrest of 91 suspects, besides seizing 17 tonnes of cocaine and €1.2 million.
The Belgian Federal Police and the Dutch National Police said the encrypted message traffic was read “live” for a period of about three weeks, forestalling “dozens of planned serious violent crimes, including kidnappings, liquidations and shootings.”
“This has resulted in the collection of crucial information on over a hundred of planned large-scale criminal operations, preventing potential life threatening situations and possible victims,” Europol noted.
Sky ECC is said to have surged in popularity following a similar takedown of Encrochat last July by French and Dutch investigators, with many criminal gangs shifting to the service to carry out criminal acts. Sky, like Encrochat’s EncroPhone, is part of the encrypted phone industry, in which iPhone, Google Pixel, and Blackberry handsets are altered by incorporating tamper-resistant hardware and OS-level protections capable of resisting (lawful) attempts to gain access to their contents.
Sold for either a three or six months subscription at $185/month, the phones also integrate their own encrypted messaging applications with support for self-destructing chats, in addition to disabling features like camera outside of the app, microphone, calling, Bluetooth, NFC, biometrics, GPS sensors, and app store access that could potentially compromise security.
Worldwide, there are an estimated 170,000 Sky ECC custom-made phones in service, Europol said, adding around three million messages are being exchanged each day on a global scale. Sky ECC is operated from the U.S. and Canada while making use of computer servers based in Europe. Around a quarter of its active users are located in Belgium and the Netherlands.
Sky ECC Denies Involvement
Denying that it’s a “platform of choice for criminals,” Sky ECC contested its involvement in the operations and said that its platform remains secure and that none of the authorized devices had been hacked, instead pointing fingers at an impostor reseller (named “SKYECC.EU”) that had no connection to the company.
“SKY ECC authorized distributors in Belgium and the Netherlands brought to our attention that a fake phishing application falsely branded as SKY ECC was illegally created, modified and side-loaded onto unsecure devices, and security features of authorized SKY ECC phones were eliminated in these bogus devices which were then sold through unauthorized channels,” the company said.
The company has also claimed it had not been contacted by any investigative authority, nor it cooperated with the parties involved with the fake phishing application.
Responding to the DoJ’s indictment, Eap said, “the unfounded allegations of involvement in criminal activity by me and our company are entirely false,” adding, “In the coming days, my efforts will be focused on clearing my name of these allegations.”
Sky Global’s technology “was not created to prevent the police from monitoring criminal organizations; it exists to prevent anyone from monitoring and spying on the global community,” he added.
News of Sky ECC’s dismantlement also follows an identical crackdown on providers of encrypted communications, including Ennetcom and Phantom Secure, over the last few years.
