When French gendarmerie, Dutch police and the UK's National Crime Agency (NCA) infiltrated the EncroChat encrypted phone network last summer, organized crime groups around the world switched to a new phone provider.
Belgian and Dutch police were able to crack the encryption of Sky ECC users, the world's largest crypto network.
Sky ECC, what is it?
Sky ECC is a Canada-based communications network and service provider
Founded in 2008 by Jean-François Eap, it promotes itself as the most secure messaging platform you can use. He is so confident in his systems that it offers a nice reward to anyone who can break the encryption on any of his phones.
The price of a license for the use of a device for one year is displayed at 2200 euros
SKy ECC functions
Company-supplied phones have disabled cameras, microphones, and GPS. Messages are encrypted and are automatically deleted after thirty seconds.
If a phone was not reachable by the network, the message would be kept for up to 48 hours and then deleted. If a user entered a “panic” password, the device deleted its content.
Sky ECC communication network infiltrated by police
The attack broke out on March 9, 2021, causing panic among users of encrypted phones around the world when Dutch police destroyed and entered a Sky ECC server.
More than 1 Belgian police officers, in some cases accompanied by Belgian special forces, took part in simultaneous raids between 600 a.m. and 5 a.m. yesterday on 11 houses, arresting 200 suspects.
Among those detained were three lawyers in Antwerp who used Sky ECC cryptophones, according to the Dutch broadcaster HLN.
Dutch police raided 75 homes and arrested more than 30 people, recovering at least 28 guns in raids against suspected drug traffickers in Rotterdam.
The transport included 1,2 million euros in cash, as well as diamonds and jewelry, eight luxury vehicles, 14 weapons, three vending machines and police uniforms.
Belgian prosecutors initially refused to confirm or deny that Sky ECC was breached, but later confirmed at a press conference that police obtained a data warehouse full of allegedly secure messages from the network.
Planning started over two years ago
Eric Van Duyse, spokesperson for the Belgian federal prosecutor's office, described the operation - supervised by an investigating judge in the town of Menchlen - as the largest police investigation ever undertaken in the country.
Belgian police said they took action after cryptophones were increasingly used by criminal groups.
Some 185 encrypted phones were recovered during police operations across the country, many of which were equipped with Sky ECC encryption software.
The operation against Sky ECC received the green light from Belgian prosecutors last year, after two and a half years of planning.
The attack mirrored the French and Dutch infiltration of EncroChat last year by carrying out a two-stage attack on the network.
During the first phase, police intercepted and stored encrypted communications from the Sky ECC network, while experts sought to decrypt them.
During the second phase, which lasted three weeks, the police were able to read the "live" data sent over the Sky ECC network.
Deciphering the messages required international cooperation through research and collaboration between encryption experts, Belgian federal prosecutor Frédéric Van Leeuw said last night.
With more than three million messages sent globally through Sky ECC every day, investigators said they needed to prioritize. “The top priority was messages that showed possible danger to life,” Van Leeuw said.
The Belgian federal judicial police have set up command posts in Brussels and Antwerp to react quickly if deciphered messages reveal an urgent threat to life.
Investigators also attempted to identify selected users and identify criminal activity by analyzing the content of their messages.
Police stored and examined "hundreds of millions" of messages from Sky ECC phones in a data warehouse as part of their anti-drug operation.
According to Belgian prosecutors, there are more than 70 Sky ECC devices active worldwide, mainly in Europe, North America, Central America, especially Colombia and the Middle East.
Van Leeuw said it should be noted that around 25% of active users of these devices are based in Belgium, which has 6 users, and the Netherlands, which has more than 000 users.
SKY ECC denies cracking of its system
Sky ECC said in a statement last night that allegations that Belgian and Dutch authorities hacked the company's communications software were "false" and that its service had been restored after an outage.
The company said its distributors alerted it that a fake phishing app, branded Sky Ecc, was loaded into unsecured phones and sold through unauthorized channels.
“Sky ECC did not authorize or cooperate with any investigating authorities or those involved in the distribution of the bogus phishing app,” the company said.