[conspire] EncroChat and trippin' backhoes.

Rick Moen rick at linuxmafia.com
Sun Apr 25 17:17:01 PDT 2021

Quoting Nick Moffitt (nick at zork.net):

> But further down this caught my eye:
> > NCA investigators analysing encrypted messages obtained as part of
> > Operation Venetic – the UK investigation into the EncroChat network
> > – uncovered an alleged criminal conspiracy by a London-based crime
> > group to export drugs in heavy plant machinery to Australia.
> I hadn't heard of "EncroChat" but the Wikipedia page is a pretty tidy
> summary:
> 	https://en.wikipedia.org/wiki/EncroChat

One thing that interested me about this story is that UK's National
Crime Agency (NCA), France's National Gendarmerie, and the Netherlands's 
National Police Force carried out what was pretty much exactly a
supply-chain attack, directly comfortable to what the Russian SVR's Cozy
Bear cyberattack team carried out against the SolarWinds Orion Platform
corporate bloatware for MS-Windows / Active Directory networks -- the
long-running breach that was finally blown open last November because
FireEye, as a purchaser or SolarWinds Orion Platform, was about 1000x
more diligent about security than SolarWinds, Inc. had ever been.

Anyway, my how context-dependent the perception of badness is, eh?

> The site's still up, despite the company folding last Summer:
> 	https://encro.co.uk/

Thereby illustrating in microcosm a huge problem throughout the 
field of software that is _not_ curated by, say, a diligent and paranoid
Linux distro:  A very great deal of malware gets distributed by buying
up the trademarks and domains of once-active developers of popular code
and then abusing them to distribute malignly designed replacements.

This reportedly is one of the reasons Mozilla, Inc. and Apple, Inc. both
lowered the boom in a couple of different ways on Web browser
extensions, requiring greater central vetting by themselves for
extensions to remain in the respective walled gardens.

More information about the conspire mailing list