A joint investigation team involving French and Dutch authorities has taken down Matrix, yet another end-to-end encrypted chat service created by criminals.
Matrix (Source: Dutch Police)
The Matrix encrypted chat service
Matrix – also know as Mactrix, Totalsec, X-quantum, and Q-safe – was first identified by Dutch authorities on the phone of a criminal convicted for the murder of Dutch crime journalist Peter R. de Vries in 2021, and the discovery prompted an investigation into the service.
“It was soon clear that the infrastructure of this platform was technically more complex than previous platforms such as Sky ECC and EncroChat. The founders were convinced that the service was superior and more secure than previous applications used by criminals. Users were only able to join the service if they received an invitation,” Europol said.
The service has over 8,000 users (accounts), who paid between 1,300 and 1,600 euros for a dedicated phone and a 6-month subscription. The users were mainly located in Southern Europe.
“The crypto communication service offered a whole ecosystem of applications, including the ability to make (video) calls, keep track of transactions and surf the internet anonymously. [The service] was offered in the form of an app that was mainly installed on Google Pixel phones,” the Dutch Police said.
They also made sure to note that “Matrix is also the name of a company and communication protocol of the same name, which has nothing to do with the crypto communication service Matrix.”
Operation Passionflower
By using “innovative technology”, the authorities were able to monitor the activity on the service for three months, intercept the messages sent, decrypt them, and link them to crimes such as international drug trafficking, arms trafficking, and money laundering.
A larger coordinated action also involving law enforcement agencies from other Germany, Italy, Lithuania and Spain happened on December 3 and resulted in:
- Three suspects arrested, in France and Spain
- Over 40 servers taken down across Europe (including France and Germany)
- Seizure of 145,000 euros in cash, half a million euros in cryptocurrencies, 970 telephones and 4 vehicles
According to the Dutch Police, Matrix was owned and managed from Spain by the main suspect – a 52-year-old Lithuanian man.
“Criminals using the messaging service are alerted to the interception by the authorities through a splash page. Through legal requests, authorities will now be able to access the messages for their investigations,” Europol added.
“The encrypted communication landscape has become more fragmented following the takedown of several services such as Sky ECC, EncroChat, Exclu and Ghost. Criminals, in response to the disruptions of their messaging services, have been turning to a variety of less-established or custom-built communication tools that offer varying degrees of security and anonymity. While the new fragmented landscape poses challenges for law enforcement, the takedown of established communication channels, shows that authorities are on top of the latest technologies that criminals use.”