New York Post : FBI encrypted phone app leads to hundreds of global underworld arrests

grarpamp grarpamp at gmail.com
Tue Jun 8 02:52:10 PDT 2021


GoldBug Messenger is still out there doing really
scammy things too, never audited, never reproducibly
compiled, authors caught lying, censoring users,
never responding to questions, trolling sensitive lists
to install and use it, etc.


https://duckduckgo.com/?ia=web&q="an0m'
https://webcache.googleusercontent.com/search?q=cache:
https://archive.org/


https://anom.io/
The TLA's "seized" their own domain,
a scam inside of a scam, lol.


https://anomexposed.wordpress.com/2021/03/29/anom-encrpted-scam-exposed/

ANOM ENCRYPTED SCAM EXPOSED
Posted by canyouguess67 on March 29, 2021, in Uncategorized

ANOM EXPOSED VS CIPHR

I did a comparison between both CIPHR and ANOM after receiving a
message stating ANOM was this and this while CIPHR was able to be
infiltrated (which is not TRUE) so I decided to do some of my own
testing.

To deliberate let’s start with some answers to some of the statements
made by ANOM:

– Yes Ciphr does use UEM but they are incorrect about an EXPLOIT being
made by Blackberry as every update via UEM that is remotely pushed to
the mobile device would need to be individually signed by the
encrypted keys that Ciphr setup for their own infrastructure. Only
Ciphr has access to these keys

– A Device is signed individually with its own set of keys derived
from Ciphr and delivered via Blackberry UEM working in unison with the
Samsung Knox Security System. Not even Blackberry can push updates
without this signed key by Ciphr for applications running on Ciphr
phones. Ciphr phones are also locked down with custom policies to
prevent them from doing something without prior authorisation by
Ciphr. This is an ENTERPRISE MILITARY GRADE Encrypted setup.

– Correct Ciphr does use the Stock Android Operating system with
special Enterprise level Encryption and customisations on their
network as well as their handsets which also include hardening making
it one of the most secure handsets in the World. Custom group policies
implemented by Ciphr also prevent access to anything other than the
BLACKBERRY UEM Server which is a tunnel which then connects to the
Ciphr Offshore Proxy Server via a secure and Encrypted Military Grade
Encryption. Updates can only be authorised by Ciphr making it one of
the most secure and locked hardened locked down handsets in the World.
All applications must have authorisation from both Ciphr & their
Enterprise grade policy level settings modified with the Ciphr Access
Keys to access anything beyond the Blackberry UEM Firewall & the Ciphr
Encrypted Offshore Servers. Even if Blackberry UEM was somehow
compromised, due to Blackberry’s inability to sign with the Ciphr
Encrypted Key then it would still not be possible to force compromised
updates to any Ciphr devices whatsoever.

-ANOM this statement about Rooting is incorrect, Rooting is required
to install a custom android operating system on any pixel device or
android device unless it has been signed specifically by
the handset manufacturer. Anom has initially rooted their device by
simply unlocking the android boot loader which secures file integrity
and then installed their own custom android operating system followed
by locking the boot-loader again with their own keys, much like we
have our own signed keys for using Blackberry UEM, ANOM has their own
keys for the Operating System. According to my testing ANOM’s custom
android OS unfortunately has many more evident flaws within its
design and updates a lot less than the regular stock Android OS making
it physically vulnerable if it were to get into the wrong hands not to
mention it has no custom group policies or built in firewall to stop
the android os operating system from accessing google remotely. In
fact upon a visual DISPLAY of all telecommunication connections I was
quite concerned to see the amount of IP addresses relating to many
corporations within the 5 eyes Governments (Australia, USA, Canada,
UK, NZ who share information with one another) and to make matters
worse they were direct connections to the actual proxy servers etc
giving me the ability to locate their remote offshore Romanian Server
with an IP of 193.27.15.41:

ip: “193.27.15.41”

city: “Bucharest”

region: “Bucureşti”

country: “RO”

loc: “44.4180,26.1691”

org: “AS9009 M247 Ltd”

postal: “020331”

timezone: “Europe/Bucharest”

– ANOM is wrong to state that their Android Operating Systems purpose
is built for Privacy and Security. Some google services are not
removed or blocked by even a VPN or Firewall.

-This setup used by ANOM gives Google the ability to fingerprint their
device and monitor it remotely in a DIRECT way with no safeguards in
place at all via the internet. The ANOM device I tested professionally
was actually in constant contact with Google servers which was quite
concerning. The following IP’s 216.58.200.99 & 142.250.70.196 both
lead back to Google servers in both NSW, Australia and California,
USA.

– ANOM has a setup more vulnerable to attack as they don’t even use a
secure VPN or FIREWALL to even safeguard the use of their APPLICATION
remotely, that means imagine you were meeting up with someone like an
EX-LOVER your partner may not approve of (much like a VPN protects you
from outside entities seeing which websites or messaging systems you
use) you would do this behind closed doors within the confines of a
HOTEL room.

– With ANOM’s setup imagine meeting up with that particular EX-LOVER
your partner didn’t approve in full public sight with no safeguards in
place. Eavesdroppers who may be seeking to find ANOM users over the
mobile telecommunications network. ANOM easily gives this information
away when their phones are constantly BROADCASTING without the ANOM
application even being opened on their devices to the following IP
addresses 99.83.192.129, which leads to anom.io and then while using
their service the following IP’s are leaked constantly as packets
while using the application:

75.2.32.148 – amazon web server USA – Proxy

35.171.36.131 – Amazon Web Servers – Proxy

76.223.70.181 – Amazon Web Servers – Proxy

35.176.253.60 – Amazon Web Servers – Proxy

75.2.90.136 – Amazon Web Server USA – Proxy

169.46.82.180 – logs5.papertrailapp.com – Remote Logging App

216.58.200.99 – Google Servers

142.250.70.196 – Google Servers

99.83.192.129 – anom.io – This is shown without even opening up the
application within Calculator

13.248.215.128 – Voiceping router (Used most likely for their Walkie
Talkie Talk Function) – voicepingapp.com

– If for some particular reason an update server was somehow breached
and malicious code was uploaded, it still would not make it to a CIPHR
device as the update/application needs to be signed with the CIPHR
keys before it can even be sent by Blackberry UEM Encrypted Server.

– Sky ECC can only be infiltrated from the INSIDE by a rogue employee
who gave authorities access to the Sky Signed Certification Keys which
gave authorities the ability to access the Sky System and locate their
servers and push rogue updates without the Sky Developers knowing
until the as it was officially signed with their certificates without
their knowledge due to a rogue employee working on the inside.

– According to ANOM their statement “If our update server was hijacked
as was the case with ENRO and SKY the attacker would not be able to
install malicious code on the device. The same cannot be said for
providers that use consumer grade operating systems managed by
Blackberry UEM” is vastly incorrect.

— CIPHR runs both the Blackberry UEM VPN and their own Secure
Encrypted Offshore Servers alongside Customised Enterprise Grade Work
Policies which limits the devices functionality for both Enterprise
Safety and Security. In fact much like what occurred with
unfortunately ENROCHAT when their servers were infiltrated bypassing
the Blackberry UEM altogether the same can easily be said for ANOM who
don’t even use a VPN to safeguard anybody actually using ANOM. If you
knew a person used ANOM you would easily be able to identify all users
over the normal telecommunications network without decrypting any of
their communications at all, something you cannot simply do with CIPHR
let alone know that particular individual is actually using a CIPHR
phone, true anonymity,

-ANOM have incorporated many features from already available apps such
as the VOICEPING APP meaning you also have to rely on VOICE PING APP
for securing your encrypted communications which works with their
Walkie Talkie Functionality, there are a lot of similarities between
that application and ANOM, something which appears to worry anyone if
PRIVACY and ANONYMITY are your number 1 goal. With ANOM I was able to
locate all of their PROXY servers including their MAIN servers with
minimal ease, all operating within the 5 eyes alliance. About the only
thing ANOM is good at is spreading misinformation without presenting
the facts.

ANOM uses the following for their application:

– JIRA for tracking tasks as well as Q & A

– Wire Messenger (Free application like wickr) for Communication
(Their head office is in the USA)

– Agile Development

– Jenkins for their builds when they push updates (You’re relying on
ANOM to secure your communications when they can’t even secure their
own servers from eavesdropping).

– SQLite Database for storing USERS Information

– Now if ANOM is so serious about safety and security I would fix
their entire setup which seems just as bad as a normal android handset
running WICKR. If the authorities were to access ANOM’s server of
193.27.15.41 in ROMANIA which is a third world country that may state
they take privacy seriously but as the old saying goes “shit walks,
money talks” they could easily infiltrate their Offshore Romanian
Server and install special hardware devices on those servers without
ANOM’s knowledge.

Authorities could completely infiltrate every users devices as well as
their operations and worse of all authorities would have the ability
to decrypt and intercept their messages much like what occurred with
ENROCHAT. ANOM states they own the infrastructure but this couldn’t
be further from the truth, they lease their servers off other entities
meaning they do not have full control over their servers. Another way
they could infiltrate ANOM is by getting access to FIELDX.io who most
likely built their customised Android OS as the company is owned by an
individual in FRANCE, obtaining a warrant would not be difficult.

– To finish off my testing I did in fact perform the same tests on
CIPHR and the only server I was able to see was the Blackberry UEM
Encrypted VPN, nothing more or less. This is perfectly legal and to
any outside entities monitoring they would not even be able to tell
whether your communication device was for CIPHR or other Enterprise
related purposes.

– ANOM also states their company is in PANAMA, that may be the case
but their servers are not located in PANAMA let alone owned by them
which means any reasonable authority would be able to access their
servers with relative ease.

More information regarding ANOM:

www.fieldx.io (used to control the ANOM DEVICES)

STAY AWAY FROM ANOM IF YOU VALUE YOUR PRIVACY & SAFETY, THEY ARE
COMPROMISED, LIARS AND YOUR DATA IS RUNNING VIA USA – Passed onto LAW
ENFORCEMENT and other Entities
"








https://www.dailymail.co.uk/news/article-9662457/ANoM-AN0M-app-Australian-Federal-Police-Operation-Ironside-Blog-post-placed-sting-jeopardy.html
https://www.dailymail.co.uk/news/article-9663125/Fake-encrypted-app-cooked-beers-Aussie-cops-FBI-leads-global-sting.html


"the idea for the app, called AN0M, was hatched by American and
Australian law enforcement officers “over a couple of beers” in 2018.
Undercover Australian agents would give phones with the AN0M app
pre-installed to certain high-level criminals who recommended the app
to their associates.
The phones could not make calls or send emails, and they could only be
obtained through the black market. They also gave authorities access
to up to 25 million encrypted messages in real time.
"


"
How Australia's biggest organised crime sting - which yielded
mountains of drugs, cash and guns - was almost blown when tech blogger
warned the fake AN0M app being used to spy on mafia and bikie figures
was a SCAM

    Blogger pointed out in March that the FBI-designed ANoM app was a 'scam'
    'THEY ARE COMPROMISED, LIARS AND YOUR DATA IS RUNNING VIA USA'
    Development casts Australian Federal Police announcement in new light
    AFP revealed 224 people arrested across country as part of Operation Ironside
    Sting centred around the use of ANoM branded phones and messaging apps
    Criminals unknowingly used the tech, not realising police read their messages

By Daniel Piotrowski for Daily Mail Australia

Published: 04:00 BST, 8 June 2021 | Updated: 08:47 BST, 8 June 2021

A secret Australian police operation using a fake app to spy on the
texts of senior mafia and bikie figures was put at risk when a tech
geek correctly accused it of being a scam months ago.

Authorities sensationally carried out the country's biggest ever
organised crime bust on Tuesday morning, announcing 224 people had
been arrested as a result of an elaborate sting using technology
designed by the FBI.

Some of Australia's most sinister criminal networks began using 'AN0M'
branded phones and encrypted messaging almost three years ago, not
realising the Federal Police were using the platform to read their
messages.

The app gained currency in the underworld after being promoted by drug
kingpins such as Australia's most wanted man, Hakan Ayik, after first
being distributed by police informants.

Through the covert operation, detectives allegedly uncovered 21 murder
plots - saving the lives of a family of five - and shut down gun
distribution and mass drug trafficking rings. Mafia bosses, bikies and
reality TV stars have been arrested.

A luxury Ducati motorcycle, Audi sedan, Rolex watches, ammunition,
bullet-proof vests, firearms and even memorabilia from the 1972 cult
classic The Godfather were seized from a number of properties.

However, Daily Mail Australia can reveal the operation was in jeopardy
of being compromised earlier this year - and authorities may have
wound it up earlier as a result.

In late March, an anonymous blogger known only as 'canyouguess67'
posted an article warning users to keep off ANOM for their 'own
safety'.

[Image: Mafia figures and bikies purchased ANoM-branded phones with
encrypted messaging technology already downloaded. When criminals used
the phones, the messages were intercepted by Australian Federal Police
law enforcement agencies]

[Image: An anonymous tech geek posted a blog online in March, titled
'AN0M ENCRYPTED SCAM EXPOSED']

[Image: Blogger 'canyouguess67' posted a chilling warning to users of
the AN0M app on March 29, warning people: 'STAY AWAY .... IF YOU VALUE
YOUR PRIVACY & SAFETY']

[Image: Among the items seized by the AFP was memorabilia from the 1972
cult classic The Godfather]

[Image: Australia's biggest ever police bust has seen 3.77 tonnes of
drugs, $45 million in cash, guns, luxury cars, motorcycles and watches
(pictured) seized]

[Image: Ninja Warrior 2017 contestant Sopiea Kong was among those
arrested. The 33-year-old was charged last week following a raid at a
Kangaroo Point home, where police allegedly seized 154g of meth]

[Image: A tactical police officer guards a handcuffed arrested man
during a raid. He was one of 224 people arrested as part of Operation
Ironside]

[Image: Another tattooed man sits on a bed guarded by police as
officers execute a search warrant on his home]

'STAY AWAY FROM ANOM IF YOU VALUE YOUR PRIVACY AND SAFETY,' the
blogger wrote in an article, which has since been pulled down.

'THEY ARE COMPROMISED, LIARS AND YOUR DATA IS RUNNING VIA USA.'

In what now seems to be a telling clue, the blogger expressed serious
concerns about the fact that the AN-M device he had tested 'was
actually in constant contact with Google services' in both New South
Wales, Australia and California.

'I was quite concerned to see the amount of IP addresses relating to
many corporations within the Five Eyes Governments (Australia, USA,
Canada, UK, NZ who share information with one another),' he wrote.

Following a technical analysis, the blogger - correctly - recommended
people not use ANoM technology, warning authorities could 'completely
infiltrate every users' devices (sic) as well as their operations, and
worse of all authorities would have the ability to decrypt and
intercept messages'.

In an incredible twist, the unnamed tech blogger warned that they had
contacted law enforcement agencies with their concerns.

The blog, named 'ANOMEXPOSED', has since been taken down but it was
still publicly available via Google on Tuesday.

It is unclear whether the tech expert's concerns reached the ears of
the Federal Police or played a role in the project being sensationally
unveiled today.

[Image: The bust exposed new details about how one of Australia's most
wanted fugitives gave police extensive access to the world's criminal
underworld. Pictured: one man being arrested by AFP officers]

[Image: A tradie is seen kneeling with his hands tied behind his back
after being arrested following raids]

[Image: Millions of dollars in assets have been seized including this
sparkling collection of expensive watches]

[Image: A fire engine red Ducati which is also now in the possession of
the Australian Federal Police]

Prime Minister Scott Morrison said the AFP operation, known as
Operation Ironside, had struck a 'heavy blow' against organised crime.

'The operation puts Australia at the forefront of the fight against
criminals who peddle in human misery and ultimately, it will keep our
communities and Australians safe,' he said on Tuesday.

'Illicit drug use ruins lives and fuels organised crime.'

AFP Commissioner Reece Kershaw said federal agents had been in the
'back pockets' of criminals through the encryption app.

The idea, Mr Kershaw said, came over a 'couple of beers' between
officers and FBI agents years back.

'The FBI had the lead on this. We provided the technical capability to
decrypt those messages,' he said.

'Some of the best ideas come over a couple of beers.'

Ninja Warrior 2017 contestant Sopiea Kong was among those arrested.
The 33-year-old was charged last week following a raid at a Kangaroo
Point home, where police allegedly seized 154g of meth.

Kong, who was also allegedly in possession of $2,030 cash and a
revolver, was granted bail and will appear in court on June 28.

Former Bachelorette star Samuel Minkin, who appeared on Becky and Elly
Miles' season of the dating show, was charged with possessing a large
commercial quantity of cannabis after police stopped a van in Byron
Bay last month.

Former Bandito bikie Benjamin Joseph Thornton, 31, was arrested after
police seized two mobile phones and a small quantity of cocaine. He
was denied bail and will reappear in court next week.

What is ANoM?

On its glitzy website, the 'ANoM' phone looks like any new tech
innovation with sleek black lines, 'invite only' exclusivity and a
pledge to 'enforce your right to privacy'.

But its best feature - and for most of its users, the worst - wasn't
promoted in its marketing material.

The phone, which supposedly allowed encrypted communications safe from
the eyes of the law, was actually a cunning trap laid for a who's who
of organised crime.

The Australian Federal Police on Tuesday revealed a breathtaking
three-year tech ploy which led to 4,000 police executing 525 search
warrants.

[Image: 'Enforce your right to privacy': This is how the ANoM website
advertised its product - with users not realising that law enforcement
officials could read each and every message]

Senior bikies and mafia figures were tricked into buying hi-tech
phones that would supposedly let them message one another, free of
police snooping.

But the ANoM phones were actually designed by the FBI and allowed
Australian police to read the texts of organised crime figures.

Police watched in real time as alleged crooks spilled their secrets to
one another on their own app.

Some 21 execution plots were foiled and drug and gun smuggling
networks dismantled.

Some 224 people have been arrested, $44,934,457 in cash seized, as
well as 104 weapons, 3.7 tonnes of drugs and multi-million dollar
assets.

Alleged crooks even paid six-monthly subscription fees to the police -
the money only further reinforcing law enforcement methods.

How did it all work?

Users could buy phone handsets costing between $1,500 and $2,500 from
what has been described as underground distributors.

The phones were stripped down - they couldn't even make calls, access
the internet or send emails.

What it did do was send encrypted messages, photos and videos, using a
foreign SIM card to apparently avoid Australian data snooping laws.

Crooks could buy a six month subscription to use the app - the funds
raised unknowingly redirected to the police.

[Image: The app was invitation-only as of Tuesday morning - before the
page was sensationally taken down and replaced with a warning by the
FBI]

[Image: Anom's Twitter account claimed the company was based in the
famously neutral nation of Switzerland]

The app was accessed by entering a PIN number into the phone's
calculator, the stuff of spy dramas.

ANoM's website, which was only deleted about 10am on Tuesday, made the
technology sound bulletproof.

The company was apparently based in famously neutral Switzerland and
boasted of 'military grade encrypt and sanitise'.

For its encryption, it claimed to use 'OMEMO Double Ratchet Algorithm
... independently audited by Dutch security research group Radically
Open Security'.

That may have been an in-joke - as all the supposedly self-destructing
messages sent on the app were radically open to the Australian Federal
Police to read.

[Image: Australia's most wanted drug kingpin Hasan Ayik (centre) was
influential in spreading the AN0M app through his criminal networks,
it has been claimed]

Police have been coy about just how Australian mafia and bikie figures
first came across the devices.

That is likely to remain a secret, as it involves police informants.

But what is clear is that the 'business' began to grow of its own
accord beginning in about October 2018.

Criminal 'influencers', including drug kingpin Hasan Ayik, eventually
became so enthralled by the technology they distributed the devices
around the world.

The Federal Police and even Prime Minister Scott Morrison have crowed
about the success of the scheme, rolled out in Australia due to its
world-first data snooping laws.

'This is as a warning to organised crime in Australia, and abroad –
the AFP and Australia's law enforcement agencies have a laser-like
focus in bringing them to justice,' Mr Morrison said.

But it is clear that AN0M is no secret anymore - with its details
splashed across some of the nation's biggest newspapers today and
hundreds of cases before the courts, many no doubt unaware that
someone was sounding the alarm about the app months ago.

[Image: This is how the Anom.io website looked as of late Tuesday morning]
"


More information about the cypherpunks mailing list
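
Added example, not part of the original post or of the quoted blog: the egress comparison the blog post describes (list every remote address a handset contacts and check it against the single tunnel endpoint it is supposed to use), written as a flow-log audit a device owner could run. The log format, the function names and all addresses (RFC 5737 documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample flow records, "epoch,src,dst,dst_port,proto,bytes".
# Public-looking addresses are RFC 5737 documentation ranges, not real hosts.
SAMPLE_FLOWS = """\
1617000000,10.0.0.23,198.51.100.10,443,tcp,18432
1617000005,10.0.0.23,203.0.113.77,443,tcp,5120
1617000009,10.0.0.23,203.0.113.77,443,tcp,2048
1617000012,10.0.0.23,192.0.2.53,514,udp,640
1617000015,10.0.0.40,203.0.113.77,443,tcp,900
1617000020,10.0.0.23,10.0.0.1,53,udp,120
this line is malformed
1617000031,10.0.0.23,198.51.100.10,443,tcp,40960
"""

# RFC 1918 ranges: traffic that stays on the local network is not egress.
LOCAL_NETS = [ipaddress.ip_network(n)
              for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_flow(line):
    """Return (src, dst, 'proto/port', nbytes), or None if the line is bad."""
    parts = [p.strip() for p in line.split(",")]
    if len(parts) != 6:
        return None
    try:
        src = ipaddress.ip_address(parts[1])
        dst = ipaddress.ip_address(parts[2])
        port, nbytes = int(parts[3]), int(parts[5])
    except ValueError:
        return None
    if not 0 < port < 65536 or nbytes < 0:
        return None
    return src, dst, f"{parts[4].lower()}/{port}", nbytes


def audit_egress(text, device_ip, tunnel_networks):
    """Split one device's outbound flows into tunnel traffic and leaks."""
    device = ipaddress.ip_address(device_ip)
    tunnel = [ipaddress.ip_network(n) for n in tunnel_networks]
    leaks = defaultdict(lambda: {"flows": 0, "bytes": 0, "services": set()})
    report = {"tunnel_bytes": 0, "skipped": 0}
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_flow(line)
        if rec is None:
            report["skipped"] += 1      # count bad lines, never hide them
            continue
        src, dst, service, nbytes = rec
        # Ignore other devices and traffic that never leaves the LAN.
        if src != device or any(dst in n for n in LOCAL_NETS):
            continue
        if any(dst in n for n in tunnel):
            report["tunnel_bytes"] += nbytes
            continue
        # Anything else is visible to an on-path observer as a direct contact.
        entry = leaks[str(dst)]
        entry["flows"] += 1
        entry["bytes"] += nbytes
        entry["services"].add(service)
    report["leaks"] = sorted(
        ((ip, e["flows"], e["bytes"], sorted(e["services"]))
         for ip, e in leaks.items()),
        key=lambda row: row[2], reverse=True)
    return report


if __name__ == "__main__":
    result = audit_egress(SAMPLE_FLOWS, "10.0.0.23", ["198.51.100.10/32"])
    print("bytes via tunnel:", result["tunnel_bytes"])
    for ip, flows, nbytes, services in result["leaks"]:
        print(f"LEAK {ip}: {flows} flow(s), {nbytes} bytes, {services}")
```

An empty "leaks" list corresponds to the result the blog reports for the tunnelled handset; any entry is a destination an on-path observer can see the device contacting directly.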