Phone company

A look inside Anom, the phone company secretly used in an FBI honeypot

Piracy. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reports on the dark underbelly of the internet.

A video shows a row of jet black telephones placed side by side on a wooden table. A white cable comes out of each phone, wraps around itself to the table, and connects to a bunch of other cables before connecting to a nearby desktop computer. The camera pans to the right, revealing a cheap keyboard and more phones. There are maybe fifteen in all.

The person filming the video reaches out and touches one of the devices, as if to show off their work. They turn around and show a second table with 15 other phones plugged into another computer. A small bonsai tree sits on the top edge of the desk.

Finally, the video shows stacks and stacks of boxes, positioned on top of each other, ready to ship the products.

This is a look at Anom, an encrypted phone company that, unbeknownst to its staff, secretly sent a copy of every message on the phones to the FBI and Australian police. Anom’s clients were members of hundreds of different organized crime groups around the world, according to court records. This particular video was filmed by an Anom salesperson who loaded phones with the company’s custom software to then send to customers.

Videos, files and other documents obtained by Motherboard show the bureaucracy and structure of Anom. When Reece Kershaw, Commissioner of the Australian Federal Police (AFP), spoke a press conference on the operation in June, he said law enforcement had “run” the business. But these documents complicate this narrative and show that the company apparently operated somewhat autonomously.

“We were never told that this project was going to be in the middle of all of this,” a developer who worked for Anom told Motherboard, referring to the secrecy that phones send their messages to authorities. Motherboard granted the source anonymity to protect it from retaliation. The developer said Anom management told them that their customers were businesses. “These are our customers. That’s what we’ve been told,” they said.

Several years ago, Anom’s creator, a convicted drug dealer, offered Anom to the FBI for his own use in investigations during the early stages of the company’s founding, according to court records. The authorities and the creator then introduced the feature to surreptitiously intercept users’ messages. Earlier this year The motherboard got one of the Anom devices of the secondary market. As well as hiding the Anom communications platform behind the phone’s calculator app, the device also had a dummy operating system loaded with mundane-looking apps that could be used to fool a casual observer. that the device was just a regular phone.

The creator of Anom used his trusted network of distributors who each distributed the phones to different geographic regions, according to court records. The rollout started as a localized beta in Australia, before expanding overseas and eventually globally to around 11,800 phones. Distributors also had their own agents who worked on their behalf, selling to individual users. Court records indicate that the creator controlled the distribution of the devices in consultation with the FBI.

Another person who worked for Anom told Motherboard that people working at the company had no knowledge of the Anom creator’s intention to secretly intercept messages.

A new document obtained by Motherboard shows the number of phones sent to different Anom distributors: 200 to a seller in Australia; 60 to another for Sweden; 10 for New Zealand, etc. The document includes the distributor’s username on the Anom platform and the type of phone that was shipped to them, such as a Pixel 4a. The document was used by Anom workers themselves to track the distribution of devices.

The document also shows that it was edited by Hakan Reis, also known as Hakan Ayik. Ayik is a suspected international drug trafficker whose prolific sharing of his wealth and opulence on social media earned him the name “The Facebook Gangster” in the Australian press. He was one of the main distributors who seeded Anom’s popularity in the criminal underworld, according to Australian authorities. australian police recommended that he surrender now due to the risk he faces of having inadvertently introduced a backdoor device into various criminal groups.

Do you know anything else about Anom? Were you a user? Did you work for the company? Did you work on the survey? We would love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on [email protected]or email [email protected].

Anom distributors could log in to a panel displaying all of their devices sold, along with each phone’s IMEI number, time remaining on its subscription, user’s nickname, country the person was based in, and which agent s cared for this particular client. , according to a video of the panel obtained by Motherboard. Here, distributors could also assign specific customers to agents. Distributors could also use the panel to generate a report of their work.

“This option allows you to generate a report on refunds, activations, and renewals for yourself and your agents within a date range,” reads a pop-up shown in the Portal video. This would allow distributors to see which of their salespeople were performing the best or not.

Other documents show specific addresses Anom delivered phones to, including locations in the UK and the US. The FBI said it does not monitor outgoing messages on devices in the United States. instead, the AFP monitored them for death threats, according to court records.

Screenshots show Anom workers having various group chats with each other to organize the business. The developer said his team uses the encrypted messaging app Wire to talk to each other.

Motherboard verified vendor panel video with someone who sold Anom phones; they said it was genuine. A person who worked on Anom’s development team said the video from the phones was not identical to another they had seen, but was similar.

Overall, the documents and other interviews show that Anom operated as a functional entity in its own right, with systems to track its sales, lists of resellers and the countries in which they operated, and support to help clients. In other words, apart from hiding secrecy from its staff, the FBI and Australian police used the system to monitor users.

“I had no idea it could be used by an organization like [the] FBI,” the developer said.

Subscribe to our cybersecurity podcast, CYBER. To subscribe to our new Twitch channel.