Story image

Decrypted: Phantom Secure takedown a 'significant blow' against Australia's organised crime networks

19 Mar 2018

A collaborative effort by Australian, US and Canada law enforcement agencies has busted a Canadian security firm for allegedly providing secure, encrypted communications to the organised crime market.

Phantom Secure offered encrypted messaging and chat services to customers, according to its website.

However, law enforcement agencies say the company has been providing specially-designed devices for the organised crime market – and may have been the first encrypted communication platform available on a wholesale scale in Australia.

The platform was the single largest supplier to Australia’s organised crime market, with approximately 10,000 devices sold in Australia alone.

Criminals were able to use Phantom Secure’s services and devices to conduct unrestricted and secure communications ‘beyond the capability of law enforcement interception’, a press release from the Australian Federal Police says.

“According to court documents, Phantom Secure advertised its products as impervious to decryption, wiretapping or legal third-party records requests. Phantom Secure also guaranteed the destruction of evidence contained within a device if it was compromised, either by an informant or because it fell into the hands of law enforcement,” a statement from the US Department of Justice adds.

Phantom Secure has now been dismantled by a number of law enforcement agencies, who worked together to disable the platform and the secure devices used on it.

Five men, including Phantom Secure CEO Vincent Ramos, were indicted in the United States last week. Other men charged include Kim Augustus Rodd, Younes Nasri, Michael Gamboa, and Christopher Poquiz.

According to the Australian Federal Police, the men are charged with “Knowingly participated in a criminal enterprise that facilitated the transnational importation and distribution of narcotics through the sale and service of encrypted communications”.

The United States Government was also involved in the takedown through the Federal Bureau of Investigation (FBI). This is the first time the US has targeted a company and its principals for aiding and abetting criminal firms.

“The disruption of the Phantom Secure platform has been one of the most significant blows to organised crime in Australia,” comments New South Wales Crime Commission’s executive director of Criminal Investigations Division, Timothy O’Connor.

Using this equipment, criminals have been able to confidently communicate securely and control and direct illicit activity like drug importations, money laundering and associated serious, often violent criminal offending, yet have remained removed from these criminal acts,” adds Australian Federal Police Assistant Commissioner of Organised Crime, Neil Gaughan.

The bust was a joint effort between the Australian Federal Police, the US Federal Bureau of Investigation, the Royal Canadian Mounted Police (RCMP), the Australian Criminal Intelligence Commission, New South Wales Crime Commission, New South Wales Police, Queensland Police, Victoria Police, South Australia Police, the Australian Taxation Office and AUSTRAC.

According to RCMP organised crime assistant commissioner Jim Gresham, the investigation is a prime example of law enforcement agencies coming together from around the world and collaborating.

“We remain committed to investigating and disrupting these illegal activities that adversely affect each of our communities.”

The Australian Federal Police continues to work with the FBI, RMCP and other partners on the case. Further arrests and charges have not been ruled out.

Authorities are also aware of similar platforms, some of which have direct connections to Phantom Secure, which are also under investigation.

ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.