Inside the FBI’s biggest sting: How encrypted phones exposed the underworld


Anom was meant to be a secret weapon, but it became a global tool for infiltrating drug cartels and murder plots. With the help of criminal masterminds, the operation spread fast—until its consequences became too great to handle.

Viki Auslender | 11:07, 13.10.24

On August 24, Russian billionaire Pavel Durov was arrested moments after his private plane landed in Paris. In an unusually swift move, French authorities apprehended the founder of Telegram, accusing him of allowing the popular messaging app, which has more than a billion users, to become a hub for drug trafficking and the large-scale distribution of child pornography. The arrest was met with shock, immediately sparking a discussion about freedom of expression and privacy. Yet beneath the surface, it also revealed how criminals communicate in the 21st century.

Until a few years ago, drug lords and arms dealers avoided apps like Telegram or Signal, opting instead for specialized encrypted phone companies. These companies offered exclusive access and guaranteed high levels of security within tightly controlled networks. But everything changed on June 7, 2021, when the largest sting operation in history, called "Trojan Shield," was launched.

On that day, 10,000 police officers across the globe—from Australia to Europe—arrested more than 800 cartel leaders, money launderers, hitmen, and drug and arms traffickers. Authorities seized over 12 tons of cocaine, 22 tons of hashish and marijuana, and hundreds of weapons. "The FBI developed and operated an encrypted device company called Anom," explained San Diego District Attorney Randy Grossman. For three years, the FBI covertly ran one of the underworld's most popular phone companies, providing services to 12,000 subscribers from around 300 criminal organizations across 100 countries.

The arrests of Hakan Ayik (right) and members of his organization in Turkey, 2022.

This operation, simultaneously lauded for its creativity and criticized for potential privacy violations, is at the heart of "Dark Wire," a book by Joseph Cox, an award-winning British technology journalist and co-founder of the website 404 Media. In the book, Cox unravels the saga of how the FBI tricked gangsters into using Anom, believing they had found a secure communication platform, when in fact they were unwittingly doing the FBI's dirty work. And yes, Netflix has already acquired the rights to adapt the story into a film.

"Anom is a story of trust—in technology and in people," Cox told Calcalist. "It’s about whether we can trust the government to use its powers responsibly, whether people trust each other, and, of course, whether they trust technology." Cox also emphasizes that this case highlights the growing crackdown on end-to-end encryption technologies: "You can't fully understand the arrest of Telegram’s CEO in August without understanding the story of Anom."

Step 1: Frighten a shady entrepreneur

The story begins in March 2018, after the downfall of the encrypted phone company Phantom Secure, whose CEO, Vincent Ramos, was arrested at the Canadian border. For a decade, Ramos had taken BlackBerry devices, stripped them of microphones and cameras, and installed encrypted messaging software. Many of his customers were among the world's most dangerous criminals—drug lords, arms dealers, and hitmen. The FBI had long tried to recruit Ramos to allow them to intercept communications, but he resisted. However, his arrest spooked a rising competitor, an entrepreneur known as "Afgoo," who was about to launch his own encrypted phone company, Anom. Afgoo approached the FBI with a deal: in exchange for a lighter sentence, he would hand over the keys to his startup.

Like any successful startup, Anom needed two things: a cutting-edge product and rapid growth. It offered a new generation of encrypted phones with more advanced features. Instead of an outdated BlackBerry, it used Google Pixel devices that ran on ArcaneOS, a privacy-oriented operating system without GPS or other location-tracking tools. The phones boasted both standard (but secure) features like sending photos, voice messages, and emojis (because even criminals like to send a smiley when ordering a hit), as well as unique ones such as a voice-mixing tool, a file vault for sensitive data, image-censoring abilities, and remote phone-wiping services. The highlight was a covert way to access the encrypted messaging system through the calculator app: users simply entered a basic equation, and upon pressing the "=" sign, the messaging system appeared.

Selling encrypted phones isn't illegal in itself, but when a company markets its products as a way to evade authorities, the legal lines blur. Anom claimed that all its servers were located outside the "Five Eyes" intelligence alliance, which includes the U.S., Canada, New Zealand, the U.K., and Australia. The message to potential customers: "Your Confidentiality, Assured. Software hardened against targeted surveillance and intrusion—Anom Secure. Keep Secrets Safe!" The price? $2,000 per device, plus a six-month subscription.

One detail remained a secret: who truly ran the company. For years, Afgoo acted as the fake CEO, bringing in his underworld contacts as early adopters. But behind the scenes, it was the FBI that ran Anom, constantly rolling out updates like any other smartphone company. Every feature touted as a new level of privacy was, in reality, a trap. ArcaneOS secretly tracked the physical location of each device, duplicated voice messages on servers without encryption, uploaded files from the secure vault to law enforcement, and preserved the original versions of pixelated images. Even remote wipes were futile—everything had already been intercepted by a system called "Hola iBot."

By the end of the operation, which lasted about two and a half years, the FBI had essentially built and operated a social network for criminals. They partnered with around 60 law enforcement agencies worldwide, bringing them into the fold gradually—first by passing information to local authorities, and later by giving them direct access to Anom.

Pavel Durov

Step 2: Lure a key criminal

In October 2018, the first messages sent through Anom immediately appeared on the computer monitors of the Australian Federal Police (AFP). Cooperation with Australia was essential because the FBI did not receive permission from U.S. authorities to launch the operation domestically. Senior U.S. officials were hesitant due to the legal complications involved. Therefore, a beta test was initiated with five phones distributed in Australia by a local criminal, albeit a relatively minor figure. The success was swift: once criminals got their hands on the phones, every message exchanged involved a criminal offense. The FBI realized they had opened a backdoor to the underworld, and the operation was officially launched.

How do you even distribute encrypted phones to the suspicious underworld?

"In most cases, you need to know a marketer who can provide you with the phone. Occasionally, they can be purchased online, but that’s relatively rare. Typically, you have to know someone — this process is designed to keep the police and other outsiders at bay. It’s like a due diligence process, ensuring that only those with aligned goals, in this case criminals, are brought into the network," says Cox.

This marketing approach had another advantage: if Anom convinced a top-tier criminal to adopt its phones, all the criminals beneath them had to use the same devices to communicate on the internal network, as Anom phones only communicated with each other. This tactic worked with Ayik, the biggest drug lord in Australia, responsible for importing a third of the country’s drugs. He recorded a net profit of about $600 million annually and had accumulated a fortune estimated at $1.2 billion. Ayik wasn’t just a major player but was also tech-savvy, earning the nickname the "King of Encryption" — and he knew Afgoo. That’s how he became involved with Anom. Ayik was not only seeking a replacement for Phantom Secure but also wanted to profit from the encrypted phone business and became Anom's brand ambassador.

"I don’t know if Anom would have succeeded internationally without Ayik’s involvement," says Cox. "After all, the endorsement of one of the most wanted drug dealers in the world is the ultimate boost for an encrypted phone company. Without it, Anom would have taken years to grow."

Ayik also introduced Anom to the second key figure in the story: Maximilian Rivkin, a Swedish gangster of Serbian origin, nicknamed "Microsoft." Cox describes him as "a real 21st-century drug kingpin" — someone with both technological expertise and global connections, capable of smuggling a wide variety of substances across multiple countries and languages: Serbian, Swedish, Bosnian, Spanish, English, and Croatian. "Microsoft wasn’t just a successful drug dealer, moving hundreds of kilograms of cocaine; he was essential to Anom's global expansion," Cox explains. "He knew everyone — from the Colombians to the Europeans."

Until 2020, Microsoft had been a loyal customer of EncroChat and Sky, two dominant encrypted phone companies. However, when it was revealed that the French had hacked into EncroChat, exposing its 60,000 users and granting access to around 100 million messages detailing assassinations, drug trafficking, extortion, and the management of drug labs, Microsoft saw an opportunity. He aimed to introduce a new phone company and profit from it. He traveled to Istanbul to meet Ayik, who was looking for a partner to help expand Anom in Europe, and the meeting went well.

Microsoft’s target market was drug-trafficking and murder-for-hire gangs in Sweden, though competition from Sky remained strong. His first strategy was to offer Anom phones at a significantly lower price: a six-month introductory subscription for $600, compared to Sky’s $2,000. Simultaneously, he spread rumors questioning Sky’s security. "If you use Sky, you’re playing with my freedom," he wrote in one message.

The FBI watched as what began with six phones grew into the most extensive infiltration of criminal organizations in history. "We allowed these devices to be sold organically around the world," said Brett Kalina, one of the FBI officials overseeing Anom. High-level criminals would purchase Anom phones and then sell them to other criminals. "We created our own pyramid scheme," Kalina remarked.


Step 3: Manage a huge network in secret

With the help of Microsoft and Ayik, Anom quickly spread to South America and Southeast Asia, with efforts made to introduce it to Russia as well. The tens of thousands of anonymous messages that Cox read revealed all the creative ways criminals smuggled huge amounts of drugs around the world: in shipments of tulip flowers, furniture, ships, energy drinks, or animal feed. "I only read a very small part of what the police collected, but even that was overwhelming. Every text message in the spreadsheet involved cocaine, shootings, assassinations, or something else you can imagine. Hardly any code words were used—maybe some slang here and there." At one point, Cox says, Microsoft asked online if he would get a group discount if he ordered more than one hit. "They didn’t hide what they were doing because they thought they were completely safe."

Crime was rampant, and the volume of Anom content exploded. At the peak of the operation, more than a million messages per day in 45 languages were being monitored by approximately 130 FBI agents working around the clock. Miraculously, nothing leaked. Even when the FBI shut down drug labs, prevented more than 150 assassinations, or intercepted huge shipments, criminals suspected informants, not technology. "They chose to trust these devices, until everything crumbled and fell apart," says Cox.

On the other hand, the FBI’s perspective was that the operation had stretched their capabilities to the limit, and they could no longer effectively monitor the massive flow of information. In at least one case, this failure cost lives: in September 2020, a young Swedish man named Sasha was murdered in an attack that was planned entirely on Anom. Everything was organized online—from sourcing the weapon to locating the target, luring him to a specific spot, arranging payment, and celebrating afterward. The FBI monitored all the messages in real time but still failed to save Sasha. This raised a serious ethical issue: the FBI had become a platform that knowingly enabled violent crimes—the very thing the founder of Telegram is accused of today.

"Every message should have been read and analyzed, especially the photos, which often included weapons or signs of a potential threat to human life," Cox explains. "But they just couldn’t keep up with the flood of content. That’s what FBI agents themselves admitted at the conference I managed to sneak into—it’s very hard to keep up. That was the main reason they stopped."

Additionally, the FBI had always intended to end the operation. It was never meant to be a permanent tool. They collected countless messages and intercepted drug shipments, but to turn it into a viable tool for prosecution, they had to go public and reveal where the evidence came from.

No less important was the FBI’s goal to undermine the confidence of underworld criminals in encrypted phone technology. "The FBI wanted to destroy trust in the encrypted phone industry by admitting it had been running the network all along. To do that, they had to shut down Anom and tell the truth. This created a chilling effect on the use of encrypted phones in organized crime globally."

Step 4: Worry about the consequences

How should we feel about this story?

"Those who worry about privacy will say it’s terrifying, while those who care more about law enforcement will find it incredible. Most readers will likely feel conflicted, and that’s not a bad thing. I’m very privacy-focused—I don’t own a cell phone, I use extreme measures to protect my privacy, and I’ve covered government surveillance for a decade—yet I see clear advantages in this operation."

Since the Anom scandal broke, criminals have moved to encrypted apps such as Telegram and Signal. This, Cox explains, heightens the dilemmas: Should law enforcement agencies be allowed to read text messages from all over the world without restrictions? Should they be allowed to secretly manage technology companies or hack entire communication providers? If an encrypted messaging system like Signal serves both criminals and law-abiding citizens, is it a legitimate target for a raid? Is privacy dead?

"Operations like Anom, and the arrest of the Telegram CEO, should make people worry that their conversations could be monitored. But don’t be paranoid—privacy isn’t dead, it just requires some active commitment. This is an opportunity to start a conversation about whether we want law enforcement to carry out such actions. This is different from phone wiretapping, which has been done for a century with court orders targeting specific user accounts or phone numbers. Here, they’re policing entire chat platforms, and we haven’t had the discussion yet. Maybe we’ll be okay with it, but we need to have that conversation."
