In the latest episode of The Verge podcast, cybersecurity journalist Joseph Cox unveiled an astonishing yet true story behind the FBI’s encrypted phone startup, Anom.
Historically, criminals, especially drug traffickers, operated covertly using encrypted communication devices to elude police scrutiny. This situation catalyzed the rise of an industry specializing in highly secure phones, predominantly utilizing BlackBerry smartphones, as highlighted by Joseph Cox.
A Lucrative Opportunity for the FBI
In 2018, the FBI found itself grappling with this issue. The U.S. intelligence agency had apprehended Vincent Ramos, CEO of Phantom Secure—a reputable player in the encrypted phone industry. They pressured Ramos to insert backdoors into Phantom Secure’s devices to access all messages from its 10,000 users, under the threat of continued detention.
Despite their efforts, the CIA could not install a backdoor into these devices. While this caused significant unease in the encrypted phone market, companies quickly realized they couldn’t continue with their existing models. The once thriving market for selling encrypted devices to drug traffickers waned significantly.
From a Proposal to a Fully Functional Enterprise
After Phantom Secure’s closure, 10,000 customers found themselves without devices to conduct illegal transactions. Enter “afgooye,” an individual who proposed collaborating with the FBI, claiming to be creating an encrypted phone company and offering it as a tool for federal investigations.
“This was a golden opportunity for the FBI,” said Cox. “Afgooye not only provided vital information on criminal enterprises but also handed them a tech startup.” The intelligence agency could develop it further, install backdoors, and conduct secret investigations. As part of the deal, afgooye requested immunity from future prosecutions.
Cox deemed this arrangement highly beneficial for the FBI and other authorities. They gained the ability to create their own backdoor without relying on Phantom Secure.
The Unique Phone for Criminals
In 2019, Anom was launched. On the surface, the device resembled a standard Google Pixel phone. However, internally, it was an FBI tool designed to monitor criminal activities. Anom quickly became a go-to communication service for organized crime, facilitating smuggling and other illicit acts.
Previous models of specially adapted Google Pixel 4a phones were sold on various classified websites, embedded with the Anom messaging software to gather criminal conversation data.
The device required two PINs to unlock. One would reveal a standard phone interface with apps like Candy Crush, Tinder, Instagram, and Facebook, which didn’t function. The other PIN unlocked a different interface, featuring basic apps like a clock, a calculator (which was actually the Anom app), and settings, enabling criminals to communicate securely without fear of monitoring.
The device’s OS, dubbed “ArcaneOS,” was peculiar, lacking an app store and GPS services. Users couldn’t install additional apps, a source explained to Cox.
The system included features such as PIN scrambling to prevent third parties from learning the PIN and a data wipe function if the wrong PIN was entered too many times. Users could also configure the device to auto-erase after a period of inactivity, a feature common in phones targeted at criminals.
The Demise of Anom Due to Its Success
Criminal groups trusted Anom’s encrypted messaging blindly. However, they were mistaken. Law enforcement agencies, including the FBI, monitored their communications, leading to hundreds of arrests in 2019.
International law enforcement, comprising the FBI, Australian and European agencies, collectively accessed over 27 million messages from 11,800 devices spread across more than 100 countries. Courts revealed that those allegedly involved in smuggling narcotics hidden within mundane items like tuna cans and hollow pineapples used Anom to coordinate extensive trafficking operations.
Running Anom, the CIA tackled issues typical of any startup: cloud services, production, logistics, customer support, and scaling. They hired developers, who were unaware they were working for the FBI, to resolve bugs and add new features.
They also managed technical infrastructure, including SIM cards, servers, and even logistical challenges like distributing the phones. At one point, they used a Gulfstream jet to transport Google Pixel phones to replenish stock in a specific region.
“Anom expanded to about 12,000 devices—a figure surpassing Phantom Secure’s scope, indicating that the FBI truly outperformed some criminal enterprises,” said Cox.
Afgooye fronted the company, making almost all decisions, from recruitment to software updates, but FBI oversight was constant, unknown to developers, dealers, and criminals.
“The FBI built an encrypted smartphone perfect for criminals,” Cox recounted. “Its features made it highly desirable, and word-of-mouth among criminals spurred its adoption.”
Ultimately, Anom’s vast scale and growing user base complicated management. Additionally, suspicions arose among criminals due to the platform’s seeming perfection. Some began to perceive it as a potential trap. The FBI knew this operation couldn’t continue indefinitely and decided to terminate it.
Following the successful arrests of 800 criminals, the FBI shut down Anom and disclosed that it was a sting operation targeting criminals from the start.
Today, with the advent of apps like Signal, criminals no longer need specialized hardware like Anom smartphones. These developments pose new challenges for law enforcement agencies.