How the FBI’s Trojan Shield operation exposed a criminal underworld

In May last year, two drug traffickers turned to an encrypted messaging platform called ANOM to plot their latest endeavour: shipping narcotics from Colombia to Hong Kong.

One, going by the username Real G, sent a picture of a wooden box stuffed with packages of suspected cocaine, according to court documents. “They cover this with a layer of banana,” Real G wrote, revealing his intended method of hiding the illicit substances to his peer.

But unbeknown to Real G and hundreds of criminals who until this week believed that ANOM was the best way to arrange drug deals, money laundering and murders away from the eyes of authorities, the FBI was also secretly copied in on every message.

Indeed, in one of the most elaborate and sprawling honeypot traps known to date, the entire communications platform was being covertly operated by the FBI, marking a first for the agency.

The operation — dubbed Trojan Shield — has shone a light on the black market for the privacy-oriented messaging platforms increasingly used by criminals, and demonstrated the lengths to which law enforcement will go to wield their own technologies to crack down on targets.

“The supreme irony here is that the very devices that these criminals were using to hide from law enforcement were actually beacons for law enforcement,” said acting US attorney Randy Grossman. “We aim to shatter any confidence in the hardened encrypted device industry.”

The FBI partnered with law enforcement in 17 countries in total as part of the operation. For these groups, Trojan Shield was an unprecedented coup, yielding about 800 arrests, and leading to the seizure of $48m in cash and cryptocurrencies and more than 32 tonnes of drugs. More than 100 murder plots were also thwarted.

There may be more fallout to come. The operation has also “initiated numerous high-level public corruption cases in several countries”, according to an affidavit that was unsealed this week.

“Digital sting tactics are tried and true,” said Ashkan Soltani, an independent privacy researcher and former chief technologist at the Federal Trade Commission. “The thing that is astounding is the scale of the operation, in terms of the number of people and geographically.”

The idea behind Operation Trojan Shield was concocted over beers between the Australian police and the FBI in 2018, officials have said. Another similar encrypted messaging system, Phantom Secure, had been shut down around that time, creating a new gap in the market.

The FBI then persuaded an unnamed developer who had already begun building an encrypted platform called ANOM to allow them to commandeer the app, and also to introduce it to suspected criminals, according to court documents. In return, the developer, who was facing prison, would receive $120,000, a lighter prison sentence and travel expenses.

The ANOM app was installed on mobile phones stripped of any other capability. The phones, which were bought on the black market, could not make calls or send emails. They were likely expensive: Phantom Secure devices would cost between $1,500 and $2,000 for a six-month plan, for example.

Over the course of the next three years, the operation was able to inspect about 27m messages over 11,800 devices as ANOM gained popularity in criminal circles globally, pushed by the developer but also a network of crime “influencers” — experts in encrypted phones who encourage others to use such devices. Separately on Tuesday, the US Department of Justice charged 17 ANOM “influencers” and sellers were charged with racketeering.

It is unclear what prompted the FBI and others to reveal the operation this week, and conduct the swaths of arrests. An anonymous blogger warned in March that ANOM was a scam in a since-deleted post that was largely ignored, according to media reports.

While Trojan Shield appears to be the most sprawling, there is still precedent for similar digital sting operations. Last year, European law enforcement agencies infiltrated encrypted communications network EncroChat for a short period of time, triggering hundreds of arrests.

“What it illustrates is that you can’t pull trust out of a system,” said Bruce Schneier, a veteran cryptography expert and Harvard lecturer. “Your system, your hardware, your software, your developers, your updates — any of those can be subverted.”

He added that the ANOM operation was likely to rouse suspicion of all communications apps among criminals. “That makes it harder to be a criminal from now on.”

Such developments were welcomed by some privacy advocates who reject calls for encryption to be banned, or for law enforcement to get access to messages via backdoors in popular encrypted messaging apps such as WhatsApp and Signal.

“It speaks to how these calls for backdoors are often not necessary,” said Solkani. “You can use good old-fashioned detective work and sting operations without backdooring the protocols and services that consumers widely use.”

But he also noted that the operation raised ethical questions, pointing to the potential of incidental surveillance of innocent people. “How many criminals and non-targets were also swept up in this operation?”

For some, there are outstanding legal questions. “This kind of surveillance, if it occurred in the United States, would violate both the Fourth Amendment and the Wiretap Act,” said Jennifer Lynch, surveillance litigation director at the Electronic Frontier Foundation, pointing out that the US did not monitor ANOM users domestically.

“In this case, though, instead of trying to go through lawful channels in the US, it appears the FBI relied on other countries with different and possibly less privacy protective laws to launder its surveillance.”