Can Law Enforcement Develop and Run Malware? Can They Use Malware to Track?
Encrochat was a company that offered custom phones that exchanged end-to-end encrypted messages with each other. Encrochat used a basic Android device. It installed its own software and removed the GPS, microphone and camera functionality to further lock down the devices.
Encrochat's phones had an emergency wipe feature: if a user entered a specific PIN, it would wipe all data stored on the device. The devices also ran two operating systems side by side, one that looked innocent and another that contained users' most sensitive communications.
According to Motherboard, an Encrochat spokesman said the company was legitimate, with customers in 140 countries, and wanted to "provide the best technology on the market for a reliable and secure service for any organization or individual who wants to protect its information."
The company had tens of thousands of users around the world but decided to shut down after the authorities' breach of its network was discovered.
The malware was developed by the French authorities and deployed en masse on Encrochat devices. It had the ability to collect "all data stored on the device", that is, messages, geolocation data, usernames, passwords, and more, according to a document available to Motherboard.
The document provides more details about the authorities' intrusion into Encrochat's network and the closure of the company at the beginning of the year.
Organized crime groups across Europe and the rest of the world used the network before it was seized, in many cases to facilitate the trafficking of large quantities of drugs. The operation is one of the largest mass hacking operations by law enforcement to date. Authorities acquired more than a hundred million encrypted messages.
"The NCA has been working with Gendarmerie on Encrochat for over 18 months, as the servers are hosted in France. The ultimate goal of this collaboration was to identify and exploit any vulnerabilities in the content acquisition service," the document said, referring to both the UK National Crime Agency and one of France's national police forces.
In addition to location, chat messages, and passwords, the authorities' malware instructed infected Encrochat devices to provide a list of WiFi access points near the device.
"This command from the implant resulted in us receiving MAC addresses which is the unique number assigned to each Wi-Fi access point and the SSID given to that access point," the document says.
After the closure of Encrochat, the authorities arrested a British killer who had killed a leader of a criminal organization and an armed robber, as well as various gangs throughout Europe, including those who used so-called "torture chambers". However, some of the users were legitimate.
The French authorities said at the time of the closure of Encrochat that they had the legal power to develop the malware and run the mass hack, which they described as a "technical tool".