AFP discreetly modified encrypted platform updates to obtain hidden access.
AFP Dismantles Encrypted Platform “Ghost” Used by Criminal Organizations
Quick Summary
- The Australian Federal Police (AFP) accessed an encrypted communications tool named Ghost.
- Ghost was utilized by criminals for unlawful operations, including drug trade, money laundering, and acts of violence.
- AFP altered software updates to gain access to communications on devices located solely within Australia.
- A total of 376 active Ghost devices were identified, and 50 offenders from Australia face severe legal consequences.
- This initiative follows various international operations such as AN0M, EncroChat, and Sky Global.
- An international task force led by the FBI and French Gendarmerie aided in this operation.
- Further arrests, both domestically and internationally, are anticipated in the days ahead.
The Ghost Takeover: A Significant Strike Against Criminal Organizations
On Wednesday, the Australian Federal Police (AFP) disclosed its involvement in dismantling Ghost, an encrypted communication platform purportedly utilized by criminals around the globe. The service, operating for nine years, provided secure communication capabilities mainly via modified smartphones, costing $2350 for a six-month subscription.
The platform’s developer, a 32-year-old from Narwee, Sydney, has been arrested and faces multiple charges. The investigations commenced in 2022, initiated by international entities, with the AFP collaborating with a global task force known as OTF NEXT, led by the FBI and the French Gendarmerie. The AFP also initiated its domestic operation, Operation Kraken, focusing on Australian users and the alleged Australian creator behind the platform.
Operation Kraken: How the AFP Achieved Infiltration
Operation Kraken, an undercover investigation by the AFP, played a critical role in the takedown of Ghost. The AFP disclosed that they managed to breach the platform by altering software updates routinely disseminated by Ghost’s administrators.
“The administrators frequently issued software updates, similar to those necessary for standard mobile phones,” explained the AFP. By adjusting these updates, the AFP obtained access to communications on devices within Australia, enabling them to quietly monitor criminal conduct without raising alarms among users.
At the time of the announcement, 376 smartphones equipped with Ghost software were in use. In the following 48 hours, approximately 700 AFP officers were assigned to execute warrants and make arrests based on intelligence gained from intercepted communications. Up to 50 Australian offenders are now facing serious allegations, which include drug trafficking, money laundering, and orchestrating killings.
International Collaboration: OTF NEXT and Global Efforts
The Ghost takedown is a product of significant international collaboration. Led by OTF NEXT, an international task force consisting of the FBI and French Gendarmerie, the operation brought together several countries in the fight against organized crime. The AFP’s access to communications via the Ghost platform supplied critical intelligence for both domestic and global law enforcement agencies.
Similar international operations have targeted other encrypted services, including AN0M (an earlier AFP-FBI sting in 2021), EncroChat, Sky Global, and Phantom Secure. These platforms were frequently leveraged by criminals who believed that their communications were secure and beyond the scope of investigative agencies.
Consequences of the Ghost Takedown
The dismantling of Ghost is emerging as one of the largest law enforcement operations of its kind since the AN0M sting two years prior. AFP Deputy Commissioner for Crime, Ian McCartney, underscored the importance of disassembling such encrypted systems. “Dismantling dedicated encrypted communications devices requires substantial skill,” McCartney remarked. “But the ultimate goal is always to infiltrate criminal platforms to gather evidence – and this is where the AFP excels on a global scale.”
The intelligence acquired from Ghost has already proven to be lifesaving. The AFP, working alongside state partners, has managed to prevent the death or severe injury of 50 individuals in Australia. Furthermore, law enforcement agencies worldwide continue to collaborate, anticipating more arrests soon.
Resellers and Custom Smartphones: The Tools for Criminal Operations
Ghost was more than just a software application; it depended on a network of resellers distributing specialized handsets to criminals across the world. These modified smartphones were pre-installed with Ghost, enabling users to access secure communication methods. The AFP noted that this reseller network was pivotal in providing these devices to criminals involved in unlawful activities.
While authorities in various regions have also gained access to Ghost communications, it’s uncertain if they employed the same strategies as the AFP or different approaches altogether. Colonel Florian Manet, leading the national cyber command technical department of France’s Home Affairs Ministry, mentioned that a “technical solution” was devised over several years, enabling law enforcement to access Ghost communications.
Conclusion
The AFP’s successful removal of Ghost highlights the advancing capabilities of law enforcement in addressing the use of encrypted communication platforms by organized crime. Through a blend of international cooperation and technical proficiency, the AFP modified software updates to breach the platform, resulting in numerous arrests both in Australia and abroad. With additional arrests anticipated, this operation signifies a substantial success in the ongoing fight against criminal organizations using encrypted messaging to evade detection.
Commonly Asked Questions
Q: What is Ghost, and how did criminals use it?
A: Ghost is an encrypted communication platform that was allegedly exploited by criminals for illegal undertakings such as drug trafficking, money laundering, and orchestrating killings. It operated through specialized devices sold by a reseller network, facilitating secure messaging.
Q: How did the AFP access the Ghost platform?
A: The AFP altered ordinary software updates dispatched by Ghost’s administrators. These modified updates permitted the AFP to secretly monitor communications on devices located in Australia, granting them vital intelligence.
Q: How many devices were utilizing Ghost, and how many arrests were made?
A: At the time of the announcement, 376 smartphones running Ghost were active. The AFP is executing warrants, and as many as 50 alleged offenders in Australia could face serious charges. Further arrests, both domestically and abroad, are anticipated.
Q: What previous operations are similar to the Ghost takedown?
A: The Ghost operation follows earlier initiatives to dismantle various encrypted platforms, including AN0M (a joint sting involving the AFP and FBI in 2021), EncroChat, Sky Global, and Phantom Secure. These platforms were also utilized by criminals for secure communications.
Q: What is OTF NEXT, and how did it contribute to the takedown?
A: OTF NEXT is an international task force led by the FBI and French Gendarmerie. It was formed to target Ghost and comparable encrypted communication platforms used by organized crime. The AFP played an essential role in this task force, contributing to the overall success of the operation.
Q: What impact did the operation have on curbing criminal activity?
A: Intelligence garnered through Ghost enabled the AFP and its state partners to avert the death or serious injury of 50 individuals in Australia. It also resulted in the disruption of a drug syndicate and numerous arrests.
Q: What role did resellers play in the Ghost operation?
A: Ghost depended on a network of resellers to supply modified smartphones to criminals. These devices were pre-installed with the Ghost application, allowing users to utilize its secure communication features.