Search
Close this search box.

Encrypted Chat CEO Indicted for Aiding Organised Criminals

Share:

The CEO of an encrypted messaging and device company is now under arrest, after international authorities collaborated to break its encryption code and then spy on messages for three weeks before moving to arrest key figures, in the process “forestalling” dozens of criminal activities.

The U.S. Department of Justice (DoJ) last week announced an indictment against Jean-Francois Eap, the CEO of encrypted messaging company Sky Global and an associate for “wilfully participating in a criminal enterprise to help international drug traffickers avoid law enforcement”.

Eap (also known as “888888”) and Thomas Herdman, a former high-level distributor of Sky Global devices, have been charged with a conspiracy to violate the colourfully-named federal Racketeer Influenced and Corrupt Organizations Act (RICO), according to warrants issued for their arrests.

“The indictment alleges that Sky Global generated hundreds of millions of dollars providing a service that allowed criminal networks around the world to hide their international drug trafficking activity from law enforcement,” Acting U.S. Attorney Randy Grossman said in the announcement. “This groundbreaking investigation should send a serious message to companies who think they can aid criminals in their unlawful activities.”

Specifically, the indictment alleges that the company “knowingly and intentionally” sold its encrypted communications devices to criminal organizations involved in the transnational importation and distribution of narcotics, used digital currencies such as Bitcoin to conduct illegal transactions on the firm’s website and protect its customers’ anonymity, and obstructed investigations of drug trafficking by “remotely delet[ing] evidence of such activities.”

A Wave of Law Enforcement Action

The development comes on the heels of a coordinated exercise called “Operation Argus” and “Operation A-Limit,” in which law enforcement agencies from Belgium, France, and the Netherlands announced major interventions against the messaging platform to disrupt the illegal use of encrypted communications by large-scale organized crime groups (OCGs).

By successfully breaking the encryption protections of Sky ECC in mid-February, authorities said they were able to decipher over half a billion messages and gain “invaluable insights into hundreds of millions of messages exchanged between criminals,” culminating in a series of nearly 275 raids and the arrest of 91 suspects, besides seizing 17 tonnes of cocaine and €1.2 million.

The Belgian Federal Police and the Dutch National Police said the encrypted message traffic was read “live” for a period of about three weeks, forestalling “dozens of planned serious violent crimes, including kidnappings, liquidations and shootings.”

“This has resulted in the collection of crucial information on over a hundred of planned large-scale criminal operations, preventing potential life threatening situations and possible victims,” Europol noted.

Sky ECC is said to have surged in popularity following a similar takedown of Encrochat last July by French and Dutch investigators, with many criminal gangs shifting to the service to carry out criminal acts. Sky, like Encrochat’s EncroPhone, is part of the encrypted phone industry, in which iPhone, Google Pixel, and Blackberry handsets are altered by incorporating tamper-resistant hardware and OS-level protections capable of resisting (lawful) attempts to gain access to their contents.

Sold for either a three or six months subscription at $185/month, the phones also integrate their own encrypted messaging applications with support for self-destructing chats, in addition to disabling features like camera outside of the app, microphone, calling, Bluetooth, NFC, biometrics, GPS sensors, and app store access that could potentially compromise security.

Worldwide, there are an estimated 170,000 Sky ECC custom-made phones in service, Europol said, adding around three million messages are being exchanged each day on a global scale. Sky ECC is operated from the U.S. and Canada while making use of computer servers based in Europe. Around a quarter of its active users are located in Belgium and the Netherlands.

Sky ECC Denies Involvement

Denying that it’s a “platform of choice for criminals,” Sky ECC contested its involvement in the operations and said that its platform remains secure and that none of the authorized devices had been hacked, instead pointing fingers at an impostor reseller (named “SKYECC.EU”) that had no connection to the company.

“SKY ECC authorized distributors in Belgium and the Netherlands brought to our attention that a fake phishing application falsely branded as SKY ECC was illegally created, modified and side-loaded onto unsecure devices, and security features of authorized SKY ECC phones were eliminated in these bogus devices which were then sold through unauthorized channels,” the company said.

The company has also claimed it had not been contacted by any investigative authority, nor it cooperated with the parties involved with the fake phishing application.

Responding to the DoJ’s indictment, Eap said, “the unfounded allegations of involvement in criminal activity by me and our company are entirely false,” adding, “In the coming days, my efforts will be focused on clearing my name of these allegations.”

Sky Global’s technology “was not created to prevent the police from monitoring criminal organizations; it exists to prevent anyone from monitoring and spying on the global community,” he added.

News of Sky ECC’s dismantlement also follows an identical crackdown on providers of encrypted communications, including Ennetcom and Phantom Secure, over the last few years.

Picture of Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

Contact

Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Company

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →

Services

Services

Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl
360

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution

Solutions
Resources

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →