FBI Encrypted Devices Were Sold To Crime Groups


Authorities recently revealed that the FBI and Australian Federal Police secretly operated an “encrypted device company” called “Anom,” which sold 12,000 smartphones to crime syndicates worldwide.

These phones were originally secure devices that relayed all messages to a server owned by the FBI.

The FBI has weaponized what the Android modding community has been doing for years.

Some Android phones have unlockable bootloaders, which can be used to erase the original operating system and replace it with a custom build of the operating system, known as a custom ROM.

The FBI’s custom ROM displays an “ArcaneOS” boot screen and replaces the normal Google Android distribution with the FBI’s skin of Android 10.

The selling point for alleged criminal groups was that the security-oriented devices had a lot of fun security theater.

A “pin scrambling” feature would change the order of the lock screen numbers so that no one could guess the code based on screen smudges.

The FBI’s compromised phones show some red flags that a tech-savvy user should recognize.

When an Android phone starts up, the first check that runs is Verified Boot, which ensures that the operating system is cryptographically signed by the device manufacturer and therefore has not been tampered with.

If a device fails verified boot, either because it has an unlocked bootloader or a newly locked bootloader with manipulated software, it will display a message during startup. In this case, the FBI devices will display a message saying, “Your device is loading a different operating system,” complete with a yellow exclamation mark and a link to a Google support page at g.co/ABH.
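The states described above can also be read from a running device. The following is an added example, not part of the original article: it classifies the Verified Boot state from `getprop` output using the standard Android properties `ro.boot.verifiedbootstate` and `ro.boot.flash.locked`. The sample dumps and verdict names are constructed for illustration; per the AOSP boot flow, the "yellow" state is the one that produces the "different operating system" warning quoted above.

```shell
#!/bin/sh
# Added example: classify Android Verified Boot state from `getprop` output.
# On a real device the input would come from:  adb shell getprop

# Return the value of one property from "[name]: [value]" lines.
prop_value() {
    printf '%s\n' "$1" | awk -v key="[$2]:" '
        $1 == key { v = $2; gsub(/^\[|\]$/, "", v); print v; exit }'
}

# Map the bootloader-reported state to a verdict token (names are hypothetical).
classify_boot() {
    state=$(prop_value "$1" ro.boot.verifiedbootstate)
    locked=$(prop_value "$1" ro.boot.flash.locked)
    case "$state" in
        green)
            # Manufacturer key, but only meaningful if the bootloader is locked.
            if [ "$locked" = "1" ]; then echo TRUSTED; else echo INCONSISTENT; fi ;;
        yellow) echo CUSTOM_KEY ;;   # locked, OS signed with a user-installed key
        orange) echo UNLOCKED ;;     # unlocked bootloader, nothing is verified
        red)    echo FAILED ;;       # no valid OS found / verification failed
        *)      echo UNKNOWN ;;      # property missing or unexpected value
    esac
}

# Constructed sample dumps (not captured from any real device).
SAMPLE_STOCK='[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [green]
[ro.build.version.release]: [10]'

SAMPLE_RELOCKED_CUSTOM='[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [yellow]
[ro.build.version.release]: [10]'

SAMPLE_UNLOCKED='[ro.boot.flash.locked]: [0]
[ro.boot.verifiedbootstate]: [orange]'

for name in STOCK RELOCKED_CUSTOM UNLOCKED; do
    eval "dump=\$SAMPLE_$name"
    printf '%-16s %s\n' "$name" "$(classify_boot "$dump")"
done
```

These properties are reported by the running operating system, so on a device whose OS is itself untrusted the bootloader's warning screen is the more reliable signal.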

The FBI modified a lot of the core Android operating system by removing helpful Android settings that could reveal the device’s true purpose.

The system settings for apps, storage and accounts have all been removed and there is now no way to see a list of all installed system apps where users might discover something suspicious like “FBI_Spyware.APK.”

The FBI also deleted the “Location” settings to prevent users from turning off GPS tracking.

The device also has the Play Store or other Google apps, and except for a watch and the calculator app which leads to a compromised chat app, no other apps worked.

For more information, read the original story in Ars Technica.
