Cops make arrests and seize drugs after hacking Exclu encrypted messaging app


European police have shut down an encrypted messaging service used by thousands of people including members of organised crime groups.

A joint operation led by Dutch and German police has led to over 45 arrests following a multi-country probe into the Exclu encrypted messaging service.

Police covertly read decrypted communications on the app for five months before launching co-ordinated raids, according to a series of announcements on Monday 6 February.

Exclu claims on its web site to offer the “most secure encryption protocols” which it says have been audited by cryptography experts to ensure they contain no backdoor vulnerabilities.

“End-to-end encryption ensures only you and the person you’re communicating with can read what’s sent, and no body in between, not even Exclu,” it claims.

Customers could buy a six month subscription to the service, allowing them to share text messages, pictures and videos, according to a statement by the European justice agency Eurojust.

 “The application was praised by users for its high level of reliability and service,” it said.

The encrypted messaging service had 3,000 users including 750 Dutch speakers.

Clues discovered in German Cyberbunker

German police began investigating Exclu in June 2020 after discovering that the service had been hosted in a notorious “cyberbunker” in Traben-Trabach. The bunker allegedly hosted drug marketplaces on the dark-web before being shut down by German police in September 2019.

Exclu continued to use a server in Germany.

In a series of co-ordinated raids on 3 February 2023, 1,200 police officers in the Netherlands, Germany, Belgium and Poland searched 79 addresses.

Police dismantled two drug laboratories and seized Euro 5.5 million in cash, 300,000 ecstasy tablets and 200 mobile phones, which are being examined by forensics and digital experts.

Police in the Netherlands and Germany made 45 arrests. Holland’s Fiscal Information and Investigation Service (FIOD) arrested a 51 year old man from Tilberg in Southern Holland, on suspicion of money laundering. Investigators seized crypto-currency and an encrypted phone from his home.

Exclu accused of supporting organised crime

Police accuse the operators and owners of Exclu of supporting organised crime and drug trafficking by providing encrypted communications services to criminals, according to a statement by the public prosecutor’s office in Koblenz, Germany.

German police said they had executed several search warrants targeting the operators of Exclu but made no arrests.

Dutch police began an investigation, codenamed ‘26 Samber,’ in September into the owners and managers of the Exclu service.

A second Dutch investigation, codenamed  ‘26Lytham,’ began on 28 April 2022 into users of Exclu who were suspected of involvement in organised crime.

Innocent Exclu users urged to contact Dutch 

Dutch police have asked users who can claim legal privilege, such as lawyers, notaries and clergy to email the Openbaar Ministrie – responsible for bringing prosecutions – to request that their data is deleted.

The international collaboration to take down Exclu follows similar operations to dismantle encrypted phone networks suspected of being used by organised crime.

French and Dutch police hacked the EncroChat encrypted phone service in 2020, obtaining millions of decrypted messages, and sparking arrests in the UK, Holland and Sweden, among other countries.

Belgian and Dutch Police announced they had penetrated the Sky ECC encrypted phone service in March 2021 leading to further arrests of alleged drug dealers.

In June 2021, Police in 16 countries carried out raids after Australian Police and the FBI cracked the An0M encrypted phone network, in Operation Trojan Shield.

Dutch lead on encryption

The Dutch police have longstanding expertise in cracking encrypted communications services.

Computer Weekly has previously reported that the Dutch National Forensics Institute (NFI) was a key participant with French police in a two-year project with University College, Dublin, to study how to break passwords of encrypted systems in February 2019.

The £2.3m project, Cerberus, played a key role in helping the joint French and Dutch police operation  read messages on a server used by the EncroChat encrypted phone network, according to the NFI.

Europol provided investigating police forces with ‘real time’ operational support to identify imminent threat to life and high security risks during investigations into Exclu.

Eurojust has supported judicial co-operation on the investigation into Exclu since February 2022, hosting 8 meeting to between the Dutch and German prosecutors and law enforcement.

Computer Weekly contacted Exclu for comment through its website without response.



Source link