A quick note on framing before the details. EncroChat, Sky ECC, and ANOM marketed almost exclusively to organized crime, and the operations against them led to hundreds of convictions for drug trafficking and violence. This post is not a lament for those networks. It is an autopsy, because the technical failure modes that exposed their users apply to any communication tool whose security you cannot verify, and the population that depends on unverifiable "secure" tools includes journalists, activists, and ordinary people who simply chose the wrong product.
EncroChat: the update server owns the fleet
EncroChat sold modified Android handsets with the camera, GPS, and microphone hardware disabled, a panic PIN that wiped the device, and a proprietary encrypted messaging app. Subscriptions ran around 1,500 euros for six months, and by 2020 the network carried roughly 60,000 users.
French investigators located the network's servers at a hosting provider in Roubaix, France. In spring 2020, with judicial authorization, the French Gendarmerie pushed a software implant to every EncroChat handset through the network's own update mechanism. The implant harvested messages from the devices themselves, before encryption on the way out and after decryption on the way in, along with stored notes and contact data. Encrypted transport was irrelevant; the endpoint was reading its own screen.
Investigators collected more than a hundred million messages before EncroChat noticed the compromise in June 2020 and sent its users a final warning to destroy their devices. The resulting prosecutions, coordinated across Europe under names like Operation Venetic in the UK, are still producing convictions and legal arguments today. European courts have wrestled ever since with whether and how bulk-intercepted material from another country's operation is admissible, and the answers have varied by jurisdiction.
Whoever controls a device's update channel controls the device. EncroChat's users trusted a vendor whose update server could silently replace the software doing the encrypting. Once investigators controlled that server, every cryptographic property of the system became decorative.
Sky ECC: the bigger network falls the same way
Sky ECC was larger, with subscribers concentrated in Europe and North America and infrastructure that, again, partly sat with hosting providers in Europe. In March 2021, Belgian, Dutch, and French authorities announced they had been intercepting and reading Sky ECC traffic for weeks, collecting hundreds of millions of messages. Belgian police described cracking the app's protections sufficiently to read message content in transit or at the infrastructure level; the company disputed parts of the account, but the arrests and seizures across Belgium and the Netherlands were not hypothetical. The same month, US prosecutors indicted Sky Global's CEO.
The detail worth keeping from Sky ECC is how little the users' operational discipline mattered. These were customers paying specifically for security, on devices sold as hardened, and the compromise happened at a layer none of them could observe: the vendor's infrastructure and the closed design of the app itself. No amount of careful behavior on the handset defends against that.
ANOM: the product was the wiretap
The third case inverts the other two. After the FBI took down Phantom Secure in 2018 (its CEO was later sentenced to nine years for racketeering), a former reseller of encrypted phones offered the FBI something unprecedented: a new encrypted phone product he had been developing, handed over before launch. The FBI and the Australian Federal Police ran it as a business.
ANOM devices looked like the competitors: a stripped Android phone, a calculator app that opened a hidden messenger after a passcode. Underneath, every message carried a duplicate copy encrypted to a key held by the operation, routed to servers investigators controlled. The FBI called it Operation Trojan Shield; the AFP called it Operation Ironside. Distribution spread through the same reseller networks that had sold Phantom Secure and EncroChat, seeded by informants, and demand jumped every time a rival network was taken down. By June 2021 there were around 12,000 active devices in over 100 countries. The takedown produced roughly 27 million intercepted messages and more than 800 arrests in a single coordinated sweep.
There was no compromise of ANOM because there was nothing to compromise. The interception was a design requirement from the first line of code. Its users had no way to know that, and that is the point: they had no way to know anything about the system at all.
The pattern: what all three networks had in common
| Property | EncroChat / Sky ECC / ANOM | Openly designed messengers |
|---|---|---|
| Protocol documentation | None public | Published and independently analyzed (Signal Protocol, MLS RFC 9420, OpenPGP) |
| Client source code | Closed, vendor-controlled | Open source, buildable and inspectable |
| Independent audits | None | Routine for serious projects |
| Trust model | Trust the vendor completely | Server assumed hostile; security rests on the endpoint code you can verify |
| Anonymous operators | Yes, by design | Identifiable organizations with reputations to lose |
Every one of these networks asked customers to trust an anonymous operator, a secret protocol, and an uninspectable client, and charged a premium for it. Secrecy was the sales pitch. Secrecy was also the vulnerability, because a system nobody outside can examine is a system where interception, incompetence, and honest operation all look identical from the user's side.
Contrast the trust model of open systems. Signal's protocol has been formally analyzed by academic cryptographers. An open client can be compiled from source and, with reproducible builds, checked against the binary you actually run. None of this makes a system immune to endpoint compromise; malware on your phone still reads your screen, which is the enduring lesson of mercenary spyware. What openness changes is the class of failure. A backdoor in an open protocol has to survive public scrutiny by people who publish papers for a living. A backdoor in a closed one has to survive nothing.
What this means if you are not a drug trafficker
The honest reading of these cases favors law enforcement: faced with strong encryption, investigators did not need to weaken the mathematics or mandate backdoors in mainstream products. They compromised infrastructure, exploited update channels, and in one case ran the company. Targeted endpoint operations against specific criminal networks worked, which undercuts the recurring argument that everyone's encryption must be weakened for investigations to succeed.
For everyone choosing communication tools, the takedowns compress into three tests worth applying to anything that claims to be secure:
- Can outsiders verify the design? A published protocol and open client code do not guarantee security, but their absence guarantees you are taking someone's word for it.
- Who controls the update channel, and what happens if they are compelled or compromised? Update integrity is part of the threat model, not a footnote.
- Does the pitch rely on exclusivity or mystique? "Military-grade," invitation-only, secret-sauce security has a track record now, and it is this one.
Tools built for scrutiny survive scrutiny. Tools built on mystique survived, on average, about three years.