SKY ECC encrypted chat service used by 70,000 criminals on secure phones was hacked by EUROPOL

European law enforcement agencies made multiple arrests thanks to a joint operation involving the monitoring of some encrypted communication channels due to the hacking of the Sky ECC network, primarily used by organized crime groups.

Sky ECC operators claim that this is a completely secure messaging platform and is currently employed by around 170,000 people worldwide, with servers in the U.S., Canada and some European countries where around 3 million messages are distributed a day.

In this regard, Europol issued a statement introducing the benefits of this joint operation: “The unlocking of Sky ECC will allow access to information shared between multiple cybercriminal groups operating in the European Union, which will allow law enforcement agencies to present strong cases with clear evidence and resolve complex criminal cases over the coming months.”

This investigation began when the Belgian authorities confiscated some smartphones with Sky ECC. Some specialists managed to unlock encryption in this application to monitor the communications of at least 70 thousand users of this platform through hundreds of thousands of messages: “Continuous monitoring of this illegal tool has provided us with invaluable information about certain criminal groups,” Europol adds.

Using this information, police agencies in the Netherlands and Belgium obtained search warrants for multiple locations, which were deployed on Wednesday, March 9. 

This is certainly a big step in the fight against cybercrime, although it is not the first incident in its class. A year ago, European police agencies also arrested hundreds of suspects after successfully deciphering the EncroChat communication platform. In fact, Sky ECC’s popularity increased over a very short period of time largely due to this incident.

Moreover, the operators of this platform have demented the Europol version: “The SKY ECC platform remains secure and no authorized SKY ECC device has been hacked,” a security alert mentions on its website. “On 8 March 2021, SKY ECC received a notification of several articles published in Belgium and the Netherlands alleging that the authorities in the above-mentioned countries had deciphered our security mechanisms; we want to make it clear that all these reports are false.”

Sky ECC added that no judicial or police authority approached with respect to this investigation. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.