Ghost Cybercrime Platform Dismantled, Admin Charged

Law enforcement agencies have successfully dismantled “Ghost,” a sophisticated encrypted communication platform allegedly designed exclusively for criminal use.

The operation, codenamed “Kraken,” resulted in the arrest of the platform’s alleged mastermind and administrator, a 32-year-old man from New South Wales, Australia.

The takedown of Ghost was a result of extensive international collaboration. Led by the Australian Federal Police (AFP), the operation involved law enforcement agencies from Ireland, Italy, Sweden, Canada, and other countries.

This coordinated effort demonstrates the growing effectiveness of global partnerships in combating transnational organized crime.

Ghost, operational for approximately nine years, provided encrypted communication services to criminals worldwide.

The platform sold modified smartphones for about $2,350, which included a six-month subscription to the encrypted network and technical support. As of September 17, 2024, there were reportedly 376 active handsets in Australia alone.

The alleged administrator faces five charges, including supporting a criminal organization and dealing with suspected proceeds of crime. If convicted, he could face significant prison time, with the most serious charge carrying a maximum penalty of 10 years.

Decoding Compliance: What CISOs Need to Know – Join Free Webinar

In addition to the administrator, up to 50 alleged Australian users of Ghost are facing serious charges. These individuals are accused of various crimes, including drug trafficking, money laundering, ordering killings, or threatening serious violence.

Operation Impact

• 38 arrests
• 71 search warrants executed
• Prevention of over 50 threats to life/harm
• Seizure of more than 200kg of illicit drugs
• Confiscation of 25 illicit firearms/weapons

The AFP’s success in infiltrating Ghost marks a significant achievement in law enforcement’s battle against encrypted criminal networks.

By modifying software updates pushed out by the administrator, the AFP was able to access the content on devices in Australia.

This technological breakthrough allowed law enforcement to prevent numerous crimes and gather crucial evidence against users of the platform.

The dismantling of Ghost follows similar takedowns of other encrypted platforms used by criminals, such as EncroChat, Sky Global, Phantom Secure, and AN0M.

This latest operation sends a clear message to organized crime groups that law enforcement agencies are continually adapting and improving their capabilities to combat cybercrime and encrypted communications used for illegal activities.

As criminals increasingly rely on technology to facilitate their operations, the success of Operation Kraken demonstrates that law enforcement agencies worldwide are rising to the challenge, working collaboratively to stay one step ahead in the fight against transnational organized crime.

Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14-day free trial