Anom or An0m or Anøm – named differently in different reports – was introduced as an encrypted communication platform similar to Encrochat and Phantom Secure. This communication tool has gained immense popularity among criminals around the world. It has been reported that law enforcement has managed to deploy more than 12,000 “protected” devices in about 100 countries around the world. As it was understood earlier, a special loophole was placed in the system, which allowed to monitor all communications of criminal elements.

A year ago, the FBI, Europol and the special services of several countries reported the completion of operation Trojan Shield (in some episodes the operation was called Greenlight and Ironside). It caused heated debate in the press and social networks. We told more about this story in a separate article.

What did the journalists find?

It was reported that the source who gave the materials to the journalists did not want to be named. The publication also decided not to publish the code itself, as the editors acknowledged that the code contained information about people working at the app. Many did not know that this was a secret FBI project to monitor organized crime. Revealing identities can put them at risk.

• for monitoring Anom used a special “bot” that replicated all criminals’ negotiations with the authorities.
• For this, there was a special “ghost” person in the messenger code that was hidden from user contact lists and running in the background.
• In fact, when the app scrolls through a user’s contact list and encounters a bot account, it filters it out and removes it from human view.
• It is noted that the idea of ​​such “ghost” contacts has been discussed before. For example, in a 2018 article, British intelligence agency GCHQ staff wrote that “the provider is able to covertly and easily add a law enforcement officer to a group chat or call.” Thus, the conversation will continue to be protected by end-to-end encryption, but one more invisible participant will appear in it.
• It also turned out that Anom added location information to any messageThe AndroidManifest.xml file sent to that bot, showing what permissions the app has accessed, contained the ACCESS_FINE_LOCATION permission.

Overall, most of the messenger code was copied from an unnamed open source messaging app. As a result, the researchers write, Anom’s code is pretty messy.