An international law enforcement operation codenamed 'Operation Passionflower' has shut down MATRIX, an encrypted messaging platform used by cybercriminals to coordinate illegal activities while evading police.
It should be noted that MATRIX is a different entity from the secure open-source, decentralized, real-time communications protocol with the same name, which is perfectly legal to continue using.
The operation was conducted across Europe, including France, the Netherlands, Italy, Lithuania, Spain, and Germany, and was coordinated by Europol and Eurojust.
A crime enabler
The police tracked down MATRIX after recovering the phone of a shooter who attempted to assassinate journalist Peter R. de Vries in July 2021.
After analyzing the phone, they discovered it was customized to connect to an encrypted messaging service called Matrix.
A joint investigation team (JIT) between the Dutch and French authorities allowed the police to monitor and intercept 2.3 million messages in 33 different languages sent through the devices. However, no technical details were provided on how they could do so.
"For three months, authorities were able to monitor the messages from possible criminals, which will now be used to support other investigations." reads an announcement by Europol.
"During a coordinated operation supported by Eurojust and Europol, the messaging service was taken down by Dutch and French authorities and follow-up actions were executed by their Italian, Lithuanian and Spanish counterparts."
MATRIX's 40 servers spread across Europe facilitated the communications of at least 8,000 user accounts, who paid between $1350 and $1700 in cryptocurrency for a Google Pixel-based device and a six-month subscription to the service installed on the phone.
MATRIX was also sold under the names' Mactrix,' 'Totalsec,' 'X-quantum,' and 'Q-safe,' but they all used the same infrastructure.
MATRIX also offers the ability to make encrypted video calls, track transactions, and browse the internet anonymously.
Seizures and arrests
Law enforcement conducted simultaneous raids and searches in four countries earlier today, resulting in the shutdown of 40 servers in France and Germany and the arrests of five suspects in Spain and France.
One of the arrested, a 52-year-old Lithuanian man, is suspected to be the owner and primary operator of MATRIX.
The authorities have also seized 970 encrypted phones, €145,000 ($152,500) in cash, €500,000 ($525,000) in cryptocurrency, and four vehicles.
The seizure banner posted on MATRIX's website warns users of the service that their communications have been exposed, and the investigation will continue.
Source: BleepingComputer
In a separate announcement, the Dutch police noted that any MATRIX users who chose the service for its privacy and anonymity and didn't get involved in crime activities should email geheimhouders@om.nl to request an exemption from the investigations.
The takedown of MATRIX comes despite its operators' technical sophistication and belief that it was superior to previously dismantled encrypted phone services.
However, previous law enforcement operations that took down similar encrypted phone services, like Ghost, EncroChat, Exclu, and Sky ECC, show that once law enforcement learns about their infrastructure, they can gather significant evidence of criminal acts by monitoring intercepted messages or through seized servers.
This evidence has led to the arrest of thousands of drug dealers, weapons dealers, organized criminals, murderers, and money launderers.
Break down IAM silos like Bitpanda, KnowBe4, and PathAI
Broken IAM isn't just an IT problem - the impact ripples across your whole business.
This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what "good" IAM looks like, and a simple checklist for building a scalable strategy.
Comments
LittleDickPutin - 1 year ago
Now wouldn't be a better time spend hunting down I don't know the little d**k's hiding in mommies basement Russians and the malware/ransomware that causes more damage than any market place and start sending assassination teams into Russia just like do all around the world and we do nothing about it, and start popping off all of them and the web will be a little place after they are gone.
TsVk! - 1 year ago
It's the hydra, for every head that gets cut off two more appear.
tudor001 - 1 year ago
So, the difference between a "legal" encrypted messaging app and an illegal one resides only with the end users?! How come that? Moreover, how can a company that develops an app and runs a few servers detect which user is a criminal and which user is not? Does the company have to intercept users' messaging to ensure they don't commit crimes?! Really? This is also highly illegal. Does that mean WhatsApp will become illegal once criminals use it?! This is total BS and abusive against companies that develop secure comms solutions because it's only a matter of time before some criminals start using their apps.
Have you heard of abusive governments? Have you heard of abusive law enforcement? Have you heard of convicted law enforcement officers who enforced human rights, privacy, etc.? Are you living on this Earth, at least? Well, these precedents are widening the door for all of the above, and more human rights will be violated in the name of that precedent.
To make my point, I'll make a parallel. It's like arresting and convicting a kitchen knife manufacturer and the shop owner because a criminal bought a knife from his shop and murdered someone. What the owner should do? Tailgating the buyer, discovering his intentions? Should he hire a detective to see if the buyer has bad intentions?
The worst thing is that you agree with all that. This is sick.