DOJ Seizes $4 Million in Assets Tied to Phantom SecureFeds Say Defunct Service Sold Encryption Technology to Criminal Gangs
Assets worth $4 million have been seized by authorities in Singapore from the former CEO of Phantom Secure, a now-defunct encrypted telecommunications services provider that offered services to transnational organized criminal syndicates. The confiscated funds are now being transferred to the U.S., according to the Justice Department.
See Also: Top 50 Security Threats
Canada-based Phantom Secure's chief executive, Vincent Ramos, and four of his associates were indicted in 2018 on charges that they operated a criminal enterprise that facilitated the transnational importation and distribution of narcotics through the sale and service of encrypted telecommunications devices and services (see: Feds: Secure Smartphone Service Helped Drug Cartels).
Ramos pleaded guilty to a federal racketeering charge and was sentenced to nine years in federal prison in May 2019, according to the Justice Department. As part of that plea agreement, Ramos agreed to forfeit $80 million as proceeds of the crime as well as identify assets, including international bank accounts, real estate and cryptocurrency accounts.
The bank accounts containing the $4 million confiscated by the authorities in Singapore were among Ramos' assets identified by investigators to be forfeited, the Justice Department says.
Kyung Kim, former FBI legal attache and the senior managing director and head of cybersecurity for the Asia-Pacific region at FTI Consulting, notes that the type of investigations that led to the charges against Ramos and Phantom Secure are complex and take years.
Kim also noted that the encryption services that Phantom Secure provided increased the difficulties in prosecuting drug cases.
"Previously, law enforcement agencies were reliant on wiretaps for surveillance of criminal and drug syndicates, but the advancement of communications technology has enabled these organizations to essentially go dark, as they turn toward end-to-end encrypted devices and services to conduct their operations," Kim tells Information Security Media Group.
Federal prosecutors say that Phantom Secure advertised its products as impervious to decryption, wiretapping or legal third-party records requests.
The company guaranteed the destruction of evidence contained within a device if it was compromised, either by an informant or because it fell into the hands of law enforcement officials, according to the Justice Department.
”These services are incredibly hard to penetrate externally, and so informants and insiders can often be the only route to accessing these encrypted communications and conducting the necessary surveillance and evidence gathering to secure a conviction,” Kim says.
Ramos admitted that "he and his co-conspirators facilitated the distribution of cocaine, heroin, and methamphetamine to locations around the world including in Australia, Canada, Europe, Mexico, Thailand and the United States by supplying narcotics traffickers with Phantom Secure encrypted communications devices designed to thwart law enforcement," according to court documents.
The court documents further claims that, to keep communications out of the reach of law enforcement officials, Ramos and his associates maintained Phantom Secure servers in Panama and Hong Kong, used virtual proxy servers to disguise the physical location of its servers and remotely deleted or "wiped" devices seized by law enforcement officials.
In September 2019, the Canadian government arrested Cameron Ortis, who was director general of the Royal Canadian Mounted Police's National Intelligence Coordination Center, and charged him with providing information to Phantom Secure (see: Report: Encrypted Smartphone Takedown Outed Canadian Mole).
Ortis is now charged with eight counts of violating Canada's Security of Information Act, and his case is still making its way through that country's court system, according to the CBC.