Eurocops take down 'secure' criminal chat system known as Matrix
They took the red pill
Updated French and Dutch police have taken down the Matrix chat app, which was designed by criminals for criminals to be a secure encrypted messaging tool.
Cops in the Netherlands discovered the existence of Matrix while investigating the 2021 murder of crime reporter Peter de Vries, who was looking into the Moroccan mafia at the time. When the app's central servers were found to be in France, the Dutch and French plod formed a joint task force and together they managed to compromise the messaging system and read crooks' conversations. How that infiltration was achieved has not yet been publicly explained or divulged.
According to Europol, the app was significantly more advanced than other such criminal chat software. It was invitation-only, strongly end-to-end encrypted, and users would have to pay between €1,300 and €1,600 ($1,400 to $1,700) for a six-month subscription.
"It was soon clear that the infrastructure of this platform was technically more complex than previous platforms such as Sky ECC and EncroChat," Europol explained Tuesday. "The founders were convinced that the service was superior and more secure than previous applications used by criminals."
- Cops' total pwnage of 'secure' EncroChat nets 6,500+ arrests, €740m in funds – so far
- Cops drill into chat apps, sink plot to smuggle tonnes of coke into Europe
- UK cops score legal win in EncroChat snooping op
- CISA barred from coordinating with social media sites to police misinformation
The task force found Matrix was operating on around 40 servers scattered throughout Europe, and had around 8,000 users. In a three-month operation officers managed to harvest from those machines 2.3 million messages in 33 languages – mainly discussions about money laundering, illegal arms deals, and drug trafficking, we're told.
That data is presently being scrutinized and investigations are ongoing.
Not the first time
When the Euro cops subverted the supposedly secure EncroChat messaging system in 2020 they found a wealth of data – including one particularly stupid corrupt British police analyst. Since then, the snared messages have led to the arrests of 6,558 people worldwide and the seizure of nearly €740 million ($776 million).
A year later there was more chat-cracking success when the Sky ECC communication system was successfully penetrated. In September of this year, the police pulled the same trick on the Ghost messaging system, leading to more criminals having their details exposed to investigators.
Around 8,000 people are having a really bad day ... The splash screen shown in the Matrix app after police compromised the network – Click to enlarge. Source: Europol.
With Matrix, the first users knew about the police action was when they met a splash screen that announced the shuttering of the service.
"It's inevitable," the screen proclaims. "It's not the first time and will not be the last time we were able to read the messages in real time. We gained access to data related to this service and our investigation does not end here."
To coincide with this warning, coppers in Germany and France took down the main servers, and there were also raids in the Netherlands, Lithuania, and Spain, which led to three arrests. More will undoubtedly follow. ®
Updated to add on December 4: No connection to Matrix protocol
Europol was in touch with The Reg overnight to ensure no one imagined the "Matrix" app had any connection to the open protocol for secure decentralized comms of the same name, saying: "The Matrix protocol (matrix.org) is by no means connected to the Matrix secured communication service that was targeted in OTF Continental."
Matthew Hodgson, technical co-founder of the Matrix open standard, told us: "This has nothing to do with the Matrix protocol; it's just an unfortunate naming coincidence."