Law enforcement agencies across Europe and Türkiye have successfully dismantled four major encrypted communication platforms used extensively by criminal networks.
The coordinated takedown, codenamed Operation BULUT (meaning “cloud” in Turkish), has resulted in 232 arrests and the seizure of assets valued at over EUR 300 million.
The operation’s success hinged on authorities’ ability to exploit security vulnerabilities in the targeted encryption services.
.png
)
Intelligence gathered from previously compromised platforms, particularly Sky ECC and ANOM, provided critical data for identifying and tracking criminal users across multiple networks.
“Years after their takedown, encrypted platforms like SKY ECC and ANOM are still helping law enforcement turn intelligence into action,” stated Jean-Philippe Lecouffe, Europol’s Executive Deputy Director of Operations.
“This case shows how powerful that data remains in identifying and dismantling high-value criminal networks operating in Europe.”
Technical Infrastructure Compromised
Investigators targeted the platforms’ API endpoints to intercept communications before encryption and after decryption, effectively circumventing the end-to-end encryption (E2EE) protecting messages in transit.
This technical approach allowed authorities to capture plaintext communications without needing to break the underlying cryptographic algorithms.
Law enforcement deployed sophisticated packet sniffing tools to identify network traffic patterns and server locations.
The operation focused on exploiting zero-day vulnerabilities in the platforms’ security infrastructure, enabling access to backend databases containing user information and metadata.
The four platforms, which authorities have not yet named publicly pending ongoing investigations, had become essential infrastructure for transnational criminal organizations.
These networks were responsible for trafficking at least 21 tonnes of drugs, including 3.3 million MDMA tablets across Europe and Türkiye.
The operation revealed extensive money laundering operations facilitated through these encrypted channels.
High-Value Targets involved in coordinating significant drug shipments were among those arrested, significantly disrupting supply chains that had been operating with impunity behind encrypted communications.
Global Effort Against Encrypted Crime
The breakthrough came after French authorities shared decrypted SkyECC data with Turkish investigators, while the Australian Federal Police provided ANOM intelligence.
This data-sharing initiative exemplifies the increasing technical cooperation between international agencies tackling encrypted criminal communications.
Europol facilitated real-time coordination among designated country coordinators from Belgium, France, Germany, the Netherlands, Spain, and Türkiye. The agency also deployed specialized technical units to support Dutch authorities during enforcement activities.
Forensic analysis of seized servers and devices continues, with investigators using specialized digital forensics tools to recover deleted communications and map additional connections between criminal organizations.
This operation demonstrates how authorities are increasingly able to penetrate supposedly secure criminal communications platforms, making criminals’ reliance on encryption vulnerable.
As investigators continue to analyze the seized data, additional arrests are expected in the coming months, further dismantling the criminal networks that had operated under the false security of encrypted communications.
Malware Trends Report Based on 15000 SOC Teams Incidents, Q1 2025 out!-> Get Your Free Copy
