NL: EncroChat Hack Led to a Spike in Drug Lab Busts

~2 min read | Published on 2021-09-20, tagged DarkWebDrug-BustDrugsEncroChat using 387 words.

The EncroChat hack resulted in a significant increase in the number of drug labs detected by police in the Northern Netherlands, according to a recent report.
The six-month figures from the European Reporting on Illicit Synthetic Substance Production Sites (ERISSP) indicate that police in the Netherlands have detected fewer drug labs in the first six months of 2021 than in the first six months of 2020. However, the number of detections (49) is still up when compared to the first six months of both 2018 and 2019. This year’s decrease is partially due to the EncroChat hack, police believe.



“Last year we saw an increase in the number of labs discovered through investigations into crypto communication services such as Encrochat. Messages intercepted during these investigations led us to a large number of labs in a short time,” a police employee said. “The information from the millions of intercepted messages also put us on the trail of drug labs in the first half of this year. But because - where possible - immediate action was taken last year, the enormous increase is leveling off.”



Curiously, police have discovered significantly more dumping sites where drug manufacturers dispose of their chemical waste. The police do not appear to know what this indicates. “A possible cause is the increasing division of production labs into several smaller labs. This leads to the dumping of smaller amounts of waste,” the police employee said.



Several law enforcement agencies, including in the Netherlands, jointly investigated EncroChat in 2019 and 2020 with great success. Previous attempts at accessing the contents of a phone running EncroChat OS, including an attempt by the French National Gendarmerie in 2017, failed. Between 2019 and 2020, the French National Gendarmerie successfully installed malware on the company’s OVH servers in France. The malware gave law enforcement agencies access to read messages and record device passwords undetected. In June 2020, an estimated 50% of the EncroChat devices in Europe were vulnerable to the malware deployed by French authorities.



The messages resulted in countless arrests, the majority of which are unrelated to the topics generally covered by this site. However, darkweb vendors were among some of the users of EncroChat devices. As a result, some EncroChat-linked arrests included suspected darkweb vendors, including the suspects behind the vendor accounts HundredsUK, Hundredsandthousands, Sundaefundae, and 100and1000s.
Full report (pdf)