Technological warfare: the drug traffickers' motive against the police's Trojan horses

Barcelona"Every time we see a Google Pixel, we think it could be a drug dealer." This quote comes from one of the National Police's anti-drug officials in Catalonia. Gangs are always one step ahead and take extreme security measures in their communications to avoid being discovered or giving clues or even evidence to the police. The Google Pixel is a mobile phone that has become popular among drug traffickers in recent years, along with the Graphene OS operating system, which allows for encrypted communication that is impossible for the police to trace. Furthermore, these devices are designed to be formatted if you enter the PIN incorrectly several times. To avoid losing information on devices seized from drug traffickers, the police isolate the mobile phones in special bags to prevent them from making a mistake. reset remotely and erase all traces of their criminal activity.

The Google Pixel is one of the many examples of devices used by organized crime, as explained by cybersecurity expert René Serral from InLab FIB. This phone allows "any operating system to be freely installed," and by doing so with Graphene OS, which doesn't require Google apps, it provides members of organized crime with an ideal tool to avoid police control. This is what the National Police found in Operation Cuervo, an operation that led to the seizure of 378 kg of cocaine that was being sent from Barcelona to Australia, via Qatar, through a network of companies and hidden among medical supplies. According to police sources, the pawns of the operation were Colombian, while the top brass and those financing them were Albanian. The driver who took the drugs to a warehouse in the Zona Franca was Colombian and was carrying two phones, one of them a Google Pixel.

Eavesdropping not working

Over the last decade, drug traffickers have been seeking out these types of devices and operating systems that shield them from police scrutiny, such as Sky ECC, an encrypted communications system that was the subject of a major operation in Spain earlier this year. They know it's more than likely the police are listening in on their daily lives, eliminating conventional calls. They call each other via WhatsApp and other apps, which, as police sources admit, has made the wiretapping system no longer useful for investigating organized crime. They accept that it involves hours and hours of listening to conversations, which often require translation and interpreters, and they no longer yield the results they once did.

Catalan police have recently detected how members of indigenous Roma gangs are visiting phone shops in Barcelona's Raval neighborhood to adapt their cell phones to the needs of the business: they have their microphone, camera, and GPS removed, so they can't be heard or tracked.

In the particular technological war between drug traffickers and the police, an important element has recently come into play: Trojans. With judicial authorization, the police infect traffickers' phones and thus gain access to most of the applications, images, and documents on a device. For example, the Civil Guard used it in the investigation against Lucky, considered the leader of one of the main mafias that controlled the cocaine entering through the port of Barcelona. Installing a Trojan represents direct access to a person's entire phone. "To pursue organized crime or terrorism, if you don't install Trojans, you're dead," admits a Mossos d'Esquadra investigator. Infecting cell phones with Trojans that can monitor everything the user does greatly complicates the work of lawyers, who criticize the lack of limits and oversight in these cases. "I don't know what the police saw about my client, because not everything appears in the reports they later produce," explains criminal lawyer Clara Martínez. Serral also questions this, given that there is an intrusion into people's privacy because they have access to the entire content of their devices. "Does the end justify the means?" asks this cybersecurity expert.

The Encrochat Case

This is what happened with Encrochat in 2020. It was a communications network with servers in France and was primarily used by organized crime gangs, who purchased devices from Encrochat for around €1,500 and paid a yearly subscription to the network. Devices like the Google Pixel allowed remote deletion of content, guaranteed anonymity, or prevented traceability.

French police infiltrated a Trojan into the system that allowed them to extract 115 million criminal conversations from 60,000 different users. Nearly 90% of these communications related to drug trafficking. Encrochat detected the infiltration of its system and sent a message urging users to destroy their devices. According to Europol, the operation, which France led in conjunction with other European Union countries, led to the arrest of 6,658 criminals, the seizure of more than 730 million in cash, 270 tons of cocaine, cannabis, and heroin, 30 million pills, and 923 firearms. Since the police had access to cell phone memory, they recovered previous conversations, and a question of fundamental rights and confidentiality was at stake, so the case reached the Court of Justice of the European Union, which granted the Encrochat case a hearing with conditions.

Pinching cars

According to police sources, tapping the cars of those under investigation is also proving effective, as they use hands-free technology and the conversation can be recorded. "Hey, are you in a car? They're using old-fashioned microphones. I don't know what you're doing," one of the recordings from the investigation into the Casuals, another drug syndicate in Catalonia, captures. Before one of the group's members, Paco el Gordo, realized it, the police had captured a long conversation about a kidnapping.

However, amid this technological war, police sources admit that human sources are once again gaining importance. That is, informants and infiltrators. Often, when the police catch a landing of hashish on the coast or find a container of cocaine in the port, it is precisely because someone has been indiscreet. This network of human sources has recently become stronger than ever. "We have to do a lot of street work," explains a National Police investigator.