No 'legitimate users' of modded Blackberries, says FBI
An arrest by US authorities last week has brought to light alleged associations between encrypted phone supplier Phantom Secure and international drug trafficking.
The arrest followed an Australian Federal Police bust of a cocaine shipment from the United States to Australia.
Rather than merely being a passive supplier of phones, the affidavit attached to the arrest warrant for Phantom Secure's CEO Vincent Ramos, a Canadian resident, claimed he participated in drug deals facilitated by encrypted communications, and that the company's phones are used exclusively to evade law enforcement.
Ramos is charged with RICO violations (that is, racketeering) and drug trafficking. Others were named in the arrest warrant, but their names have been redacted.
According to the affidavit (PDF), the phones Phantom Secure supplied to the drug dealers were extensively modified after they left BlackBerry: they're only capable of running PGP-encrypted email, with VPN connections to servers in Panama and Hong Kong. All this is expensive: the phones are sold with a US$2,000 to $3,000 six-month subscription.
The phones are sold only through personal contact – someone wanting one of the devices needs a personal introduction from an existing customer. If they fell into the wrong hands, the FBI learned, they could be remote-wiped by Phantom Secure.
The FBI claimed the operation generated “tens of millions of dollars” by “facilitating the crimes of transnational criminal organisations and protecting those organisations from detection”.
The company sold around 20,000, the document states, and a surprising 10,000 of those were used in Australia.
In Australia the phones have been linked with organised crime for some time. In March 2017 local media reported the 2014 discovery of a cache of the phones during a drug investigation.
The anonymity of Phantom Secure users proved part of the operation's undoing. An Australian Federal Police agent began operating a Phantom Secure phone it had seized from another drug dealer without being spotted as an imposter. They communicated with a Los Angeles dealer to arrange a 10 kilogram cocaine shipment to Australia in 2016.
The FBI special agent who wrote the affidavit, Nicholas Cheviron, cites contact with law enforcement in Canada and Australia, and wrote that no law enforcement partner “has identified even a single legitimate Phantom Secure user”.
The agent also related a meeting between undercover agents and Ramos, in which he said the phones were designed to facilitate drug trafficking.
There's a curious contradiction in the affidavit that suggests Phantom Secure might not have been completely honest even with its criminal customers. In describing how the phones are made (presumably from documents obtained from the company), Cheviron's affidavit said:
When Phantom Secure receives the BlackBerry handsets, its technical team removes the hardware and software responsible for all external architecture, including voice communication, microphone, GPS navigation, camera, Internet and Messenger service [emphasis added]
However, in reported discussions with Ramos, it seems GPS capability is left intact, with very sinister intent. After Ramos said the primary vulnerability is an informant, an undercover agent said GPS helped "locate and kill the informant". Ramos response: "Yeah, it does". ®