Phones of choice for contract killers and cocaine bosses

Liverpool’s criminal underworld turned to a new generation of encrypted phones in the wake of EncroChat’s collapse.

Drug bosses and gun runners were dealt a killer blow when the clandestine communications network was hacked last summer.

Secret conversations they never expected to see the light of day were captured by European authorities and handed to UK detectives.

A wave of cocaine, heroin and cannabis dealers are now sitting behind bars, regretting that they allowed themselves to become so reliant on high-tech software.

And a pattern has emerged revealing how the crooks desperately tried to find replacement devices when they realised the game was up – only to find they had nowhere to hide.

Two recent cases feature dealers who discussed getting Sky phones – an alternative to EncroChat – beloved by gangsters across Europe.

But after the intervention of the FBI and raids across the continent, suspects including mafia bosses and Hells Angels have been locked up.

Here we take a look at the evolution of the top tier criminal’s secret phone of choice, from PGP and EncroChat, to Sky and Anom.

Pretty Good Privacy

PGP, which stands for “Pretty Good Privacy”, became the dominant form of end-to-end encryption for email communications in the 1990s.

In the late 2000s, modified Blackberry devices equipped with PGP software became a ‘must-have’ for crooks dealing in drugs, guns and ammo.

£5.1m in cash seized in Operation Venetic, an investigation into EncroChat, a military-grade encrypted communication system used by organised criminals trading in drugs and guns.
£5.1m in cash seized in Operation Venetic, an investigation into EncroChat, a military-grade encrypted communication system used by organised criminals trading in drugs and guns

By the 2010s, they routinely featured in cases at Liverpool Crown Court, including the sentencing of a Merseyside crew who dreamed of a “Class A empire“.

Police seized six kilos of cocaine when they arrested Jordan Talbot outside Rushton’s garden centre in Thornton one morning in January 2014.

The recovery of the 75% pure stash, smuggled into the UK in a hidden compartment inside a Seat Leon, led to six conspirators being locked up.

Not only was Talbot “caught red-handed”, but his £1,000 PGP Blackberry phone was seized, which showed how the scheme was put together.

Such was the security afforded by PGP, prosecutors say Talbot was “radically under sentenced” when jailed for six and a half years in May 2014, for his significant role as a drug “courier”.

Messages on the device suggested the then 22-year-old – who used the codename “Zipit” – had hopes of importing 24kg of cocaine a month and was actually “the undoubted coordinating leader of the UK arm of the operation”

However, this evidence wasn’t unearthed until a year after he was jailed, when the phone was decrypted “to a degree”.

Emails were then recovered from the handset, from which Talbot’s co-conspirator – most wanted fugitive Dominic McInally, aka “Pilsner” – was identified. He was finally arrested at a Marbella strip club in 2020.

At McInally’s sentencing in March this year, Liverpool Crown Court heard how an officer saved these emails, but after a day working on extracting more content, she went home for the day.

Jordan Talbot, 29, of Elson Road, Formby
Jordan Talbot, 29, of Elson Road, Formby

Ian Harris, prosecuting, said: “When she returned to it the following morning the remaining messages couldn’t be viewed. Another expert in the Metropolitan Police was unable to retrieve any further information.

“The handset had been, unbeknown to the police, programmed to remotely wipe its contents after a set period. This being an extra layer of security used by this type of phone to avoid detection by law enforcement.

“Powering on the device in order to recover the messages had inadvertently started the clock on this ‘wipe period’. The phone had wiped its memory. This explains why the PGP system was so important for serious criminals.”

One such serious criminal who relied on a PGP phone in the mid-2010s was assassin for hire Mark Fellows, aka “The Iceman”.

Gangland murderer Mark Fellows.
Gangland murderer Mark Fellows

On the evening of Sunday, July 26, 2015 he murdered Manchester’s ‘Mr Big’ Paul Massey in a hail of machine gun fire, outside the victim’s Salford home.

At Fellows’ murder trial in Liverpool, a jury was told just hours before that gangland hit, he went out with his girlfriend and children for a family meal.

CCTV footage from the Red Lion Pub in Swinton captured one of his young children playing with his PGP Blackberry.

High Court judge Justice Davis would later tell Fellows: “The casual indifference you had for what you did in July 2015 is best summed up by the fact that you made the final arrangements for the murder of Paul Massey as you sat having a meal with your partner and your young children in a nearby pub.

Video Loading

Video Unavailable

“It was within two and half hours of that family meal that you shot Mr Massey in cold blood.”

By 2016, European authorities were starting to have more success breaking PGP-encrypted messages and identifying the criminals using them.

Dutch police seized a company’s server, which they said contained data belonging to criminal groups and, after accessing all of the messages on it, a wave of arrests of suspects accused of providing encrypted services to criminals followed.

High profile users of the phones also soon found themselves behind bars.

One person caught was ‘The Maniac’, a gangster from Liverpool sentenced over a grenade and hostage plot in The Netherlands, whose real identity has never been disclosed.

A phone loaded with Encrochat software.
A phone loaded with Encrochat software

The rise of EncroChat

With the reputation of PGP devices now in question, criminals began to look for a new way of ensuring their activities could remain undetected.

Three years after taking out one of Manchester’s most notorious men, Fellows executed Massey’s close friend, Everton-born “gangland enforcer” John Kinsella.

Now acting with the help of a “spotter”, Steven Boyle, on the morning of May 5, 2018 he targeted the dad-of-two, who was out walking his dogs in Rainhill.

The contract killer shot Kinsella four times, in front of his pregnant partner, on a country lane near junction 7 of the M62.

Liverpool’s courts are some of the busiest in the UK, with a huge variety of cases being heard each week.

To get a behind the scenes look at how they work and the moments that don’t make our stories, subscribe to our free weekly Echo Court Files newsletter, written by court reporters Neil Docking and Lauren Wise.

How do I sign up?

It’s free, easy and takes no time at all.

  1. First just click on this link to our newsletter sign-up centre.
  2. Once you’re there, put your email address where it says at the top, then click on the Echo Court Files button. There are other newsletters available too if you want them as well.
  3. When you’ve made your choice, press the Save Changes button at the bottom.

Boyle had waited in a nearby lay-by and alerted Fellows the kill was on via their sophisticated and “extremely expensive” Dutch EncroChat phones.

EncroChat devices were first seen by detectives in the UK in 2016 and by 2017 had become the “market leader”.

As part of our coverage of Fellows and Boyle’s murder trial in January 2019, the ECHO laid bare the extraordinary abilities of EncroChat devices, their value to the criminal underworld, and how they had usurped PGP.

We revealed how all incriminating information could be wiped from them, even if they were seized by police, with a “kill pill” feature.

Both Fellows and Boyle owned Aquaris X phones pre-loaded with the software. As Boyle told the jury: “No-one even owns a normal phone these days.”

Liverpool’s criminal underworld exposed

He also revealed he had travelled to Liverpool to buy his EncroChat device, which cost up to £1,500 for just six months’ use.

EncroChat, which openly mocked PGP on its website, said its phones boasted an impressive array of features.

If a police officer asked for the PIN, the criminal could give them a “duress code”, which would wipe the device.

This could also be done remotely with the “kill pill” and messages had a “burn time”, after which they would expire.

In the Massey and Kinsella trial, evidence on EncroChat devices was provided by expert witness Detective Constable Elliot Humphrey, of the Metropolitan Police.

Remarking on the “explosion” in their use, Det Con Humphrey outlined just why they are a nightmare for police, stating: “These are an evolution.

“The developers have perfected secure private communication.”

Quizzed further, the detective described how EncroChat phones are delivered by top tier crooks to their wholesale drug dealers – found wrapped in with one kilo packages of cocaine.

Putting it bluntly, he added: “No investigation is complete without one at the moment.”

It was no surprise then perhaps that when Jordan Talbot was released from prison in April 2017, he soon turned to EncroChat to assist his next drug plot.

A picture of a kilo of cocaine shared on EncroChat by Jordan Talbot's gang.
A picture of a kilo of cocaine shared on EncroChat by Jordan Talbot’s gang

The crook from Formby became the “top level controller” of a 500-kilo Class A enterprise, conservatively valued at £27m, using the EncroChat handle “LittleNev”.

Talbot, like many others using EncroChat, believed he was “untouchable”.

That misplaced confidence was destroyed in April 2020, when Dutch and French investigators hacked around 10,000 EncroChat devices in Operation Emma.

The discovery of a server used to run EncroChat in the French city of Roubaix in late 2019 led to the prosecutors developing software to obtain the secret data.

The warning sent out to EncroChat customers on June 12 the company realised they had been hacked
The warning sent out to EncroChat customers on June 12 when the company realised they had been hacked

An implant placed on every EncroChat device in the world collected the codenames users went by, any messages and notes stored on their handsets, and Wi-Fi hotspots near each device, before messages sent across the network were retrieved.

The National Crime Agency (NCA) – the UK’s highest profile crime-fighting force – was handed this data.

It wasn’t until June 13, 2020 that EncroChat alerted its clients, when the firm sent out a message telling users to ditch their handsets immediately.

By July, when the hack was announced, the NCA’s Operation Venetic had already led to 746 arrests and the seizure of £54m, 77 firearms and more than two tonnes of drugs.

There were 60,000 EncroChat users identified by the NCA, with 10,000 in the UK, and several hundred – possibly as many as 1,000 – on Merseyside.

Undated handout photo issued by the Metropolitan Police of a firearm and ammunition seized in Operation Venetic.
Undated handout photo issued by the Metropolitan Police of a firearm and ammunition seized in Operation Venetic.

Operation Aquarium – the Merseyside Police arm of Operation Venetic – has seen dozens of arrests, with guns, ammunition, cash and drugs seized.

Execution and kidnap plots are also said to have been thwarted.

Can you help us keep Merseyside covered?

A spate of EncroChat cases have come before our city’s courts this past year, each more revealing than the last.

Last week it was Talbot’s turn to face justice, when he was jailed for 21 years and nine months, over the biggest EncroChat drug case dealt with so far.

Talbot’s gang sent messages on EncroChat until the day he and his crew realised that the system had been compromised.

Police officers raid a house as part of Operation Venetic, the UK investigation into EncroChat, a military-grade encrypted communication system used by organised criminals trading in drugs and guns..
Police officers raid a house as part of Operation Venetic, the UK investigation into EncroChat, a military-grade encrypted communication system used by organised criminals trading in drugs and guns.

In a message to his underworld accountant – a Merseyside man known only as “DampHedge” – Talbot moaned: “EncroChat is f***ed the plod cracked them yesterday. The whole network got turned off.”

Talbot said: “I’m trying to sort out Skys now.”

Andrew Thomas, QC, prosecuting, said Sky devices were an alternative form of encrypted system, adding: “In one last message he discussed getting replacement handsets distributed to DampHedge and other conspirators.”

Sky devices also featured in the case of BT engineer Daniel Wilson, who lived a double life as a cocaine and heroin trader known on EncroChat as “NormalAir“.

Daniel Wilson, 33, was jailed for seven years and eight months for his part in a drug dealing conspiracy
Daniel Wilson, 33, was jailed for seven years and eight months for his part in a drug dealing conspiracy

He was jailed for seven years and eight months this week, when a court heard messages he sent to an unknown dealer known as “ShandyDirector” in May 2020.

Sky falls in for global brand

Charles Lander, prosecuting, said the pair discussed whether they should switch to Sky phones, adding: “The defendant says that his ‘mate in Spain’ only uses the ‘Sky’ phone communication and that he should perhaps ‘get on it’ as ‘most lads round ere on this’, i.e the Encro phones.”

For more than a decade, Sky Global – whose servers were based in Canada and France – offered software installed on handsets including iPhones, Google Pixel, Blackberry and Nokia devices.

When EncroChat fell, Sky looked set to benefit. But its brief reign at the top is already over.

Daniel Wilson, 33, was jailed for seven years and eight months for his part in a drug dealing conspiracy
A photo of cocaine recovered from Daniel Wilson’s chats

In March this year, Belgian and Dutch police arrested at least 80 people in a day of raids, after they and French authorities hacked into the Sky network.

In Belgium alone, police arrested lawyers, members of the Hells Angels, serving police officers, an employee of the public prosecutor’s office, civil servants, tax officials and hospital administrators suspected of providing information to gangs, and people suspected of gang-related violence.

Europol and its judicial twin agency, Eurojust, announced French law officials had identified about 2,000 users of Sky, “allowing for procedures to be opened relating to large-scale drug operations and attacks on people”.

Police said they had been monitoring the information flow of around 70,000 Sky users worldwide since mid-February and intercepted around a billion messages.

The Belgian police said the network they had broken into was so trusted by its criminal users that images of torture, execution orders, insider financial and operational information were freely sent.

Sky ECC denied it had been hacked and said phoney devices sold through unauthorised channels had been compromised by a phishing application – reiterating that it had a “strict zero-tolerance policy that prohibits any criminal activity on its platforms”.

However, Europol spokesman Jan Op Gen Oorth said after EncroChat was hacked “many criminals decided to move over to Sky ECC”.

He said: “But police cracked that too, and it was like being able to look over the criminals’ shoulders as they were sending messages in real time.

Europol headquarters on Eisenhowerlaan in The Hague.
Europol headquarters on Eisenhowerlaan in The Hague

“The latest breakthrough and arrests so far is just the tip of the iceberg. Many more are going to follow.”

They did, including Sky Global’s CEO, Jean-Francois Eap, and a former distributor of the devices.

The firm shut down its operations and its website was seized by the FBI.

Eap was indicted by the United States Department of Justice, which said: “Sky Global’s devices are specifically designed to prevent law enforcement from actively monitoring the communications between members of transnational criminal organisations involved in drug trafficking and money laundering.”

The indictment alleges that for more than a decade, Sky Global generated hundreds of millions of dollars in profit by creating, maintaining and controlling a method of secure communication to facilitate the importation, exportation and distribution of heroin, cocaine and methamphetamine into Australia, Asia, Europe, and North America.

Pictured is Liverpool Crown Court

We have launched a Facebook group to bring you the latest stories from court all in one place.

It will feature reports from Liverpool Crown Court and cases connected to Merseyside.

To join and get updates, click here.

You can also follow our court reporter’s Facebook page.

Sky is also said to have used digital currencies, including Bitcoin, to facilitate illegal transactions on the firm’s website, to protect its customers’ anonymity, and to facilitate the laundering of the customers’ ill-gotten gains.

Operation Trojan

It has now emerged that another encrypted service, Anom, which had risen in popularity since the collapse of EncroChat and Sky, has been in the hands of the FBI ever since 2019, when the man who developed it became an informer.

More than 12,500 underworld customers worldwide are said to have been fooled in a spectacular coup, after US and Australian law enforcement worked together to decrypt some 29 million messages.

Around 300 criminal syndicates operating in more than 100 countries, including Italian organised crime, outlaw motorcycle gangs and international drug traffickers, were identified.

Stories from Liverpool Crown Court

This week, following high profile raids across Sweden and the Netherlands, the two-year global sting – known as Operation Trojan Shield – was finally revealed.

Europol said the takedown of Sky in March was actually a strategic move, to push its users onto the FBI-controlled Anom.

It said the information analysed to date had already resulted in 800 suspects being arrested and the seizure of eight tonnes of cocaine, two tonnes of amphetamines, 22 tonnes of cannabis, 250 firearms and $48 million in cash or cryptocurrency.

That is thought to be just the tip of the iceberg.

And criminals from Merseyside to Milan are now waiting for police to knock at their door.

Source link

Tinggalkan Balasan

Alamat email Anda tidak akan dipublikasikan. Ruas yang wajib ditandai *