Can law enforcement develop and run malware? Can they use malware for monitoring?
Encrochat was a company that offered custom phones that sent encrypted end-to-end messages to each other. Encrochat used a basic Android device. She installed her own software and of course removed the GPS, microphone and camera function to further lock the devices.
Encrochat phones had the ability to delete in case of emergency, where if a user entered a specific PIN he deleted all the data stored on the device. The devices also ran two operating systems sitting side by side. One that seemed innocent and another that contained the most sensitive user communications.
Motherboard said an Encrochat spokesman said the company was legitimate with customers in 140 countries and wanted to "provide the best technology on the market for a reliable and secure service for any organization or individual who wants to protect its information."
The company had tens of thousands of users worldwide but decided to close after the authorities discovered its network breach.
The malware was developed and used by the French authorities, en masse on Encrochat devices, and had the ability to collect "all data stored on the device". That is, messages, geolocation data, usernames, passwords and much more, according to a document available to Motherboard.
The document gives more details about the authorities' intrusion into its network Encrochat and the closure of the company at the beginning of the year.
Organized crime groups across Europe and the rest of the world used the network before it was seized, in many cases to facilitate the trafficking of large quantities of drugs. The company is one of the largest mass hacking companies by law enforcement to date. Authorities obtained more than a hundred million encrypted messages.
"The NCA has been working with Gendarmerie on Encrochat for over 18 months as the servers are hosted in France. "The ultimate goal of this collaboration was to identify and exploit any vulnerabilities in the content acquisition service," the document said, referring to both the UK National Crime Agency and one of France's national police forces.
In addition to location, chat messages and passwords, Authority malware asked Encrochat infected devices to provide a list of WiFi hotspots located near the device.
"This command from the implant resulted in us receiving MAC addresses which is the unique number assigned to each Wi-Fi access point and the SSID given to that access point." reports The document.
After the closure of Encrochat the authorities arrested a British killer who killed a leader of a criminal organization and an armed robber, as well as various gangs throughout Europe, including those who used the so-called "so-called"torture chambers“. However, some of the users they were legal.
French authorities said at the time of the closure of Encrochat that they had the legal authority to develop the malware and run the mass hack, which they described as a "technical tool".