Australian man charged over allegedly creating app for criminal underworld
The Australian Federal Police arrested Jay Je Yoon Jung for creating the 'Ghost' app used by organized crime for drug trafficking. Operation Kraken seized significant drugs, weapons, and cash, dismantling a major syndicate.
Read original article
The Australian Federal Police (AFP) conducted a series of dawn raids that led to the arrest of a 32-year-old man, Jay Je Yoon Jung, accused of creating an encrypted messaging app called 'Ghost' for criminal activities. This app was allegedly utilized by various organized crime groups, including Italian, Korean, and Middle Eastern syndicates, to facilitate drug trafficking and other illicit operations. The raids resulted in charges against dozens of individuals for offenses such as drug trafficking, conspiracy, and firearm-related crimes. The operation, named Operation Kraken, has reportedly dismantled a significant criminal syndicate that used the app to coordinate drug importations and even fabricate a false terrorism plot. The AFP seized substantial quantities of illicit drugs, weapons, and cash during the operation, which involved over 700 officers across four states. The investigation revealed that the app had been in use for several years, with the AFP gaining access to 125,000 messages exchanged on the platform. The case highlights the challenges law enforcement faces in combating organized crime using encrypted communication tools.
- Jay Je Yoon Jung, the alleged creator of the 'Ghost' app, has been arrested and charged.
- The AFP's Operation Kraken has dismantled a major crime syndicate involved in drug trafficking.
- The raids resulted in the seizure of 205kg of drugs, 25 weapons, and $1.2 million in cash.
- The 'Ghost' app was used by various organized crime groups for illicit activities.
- The investigation involved collaboration with international law enforcement agencies.
Related
WA man set up fake free WiFi at Australian airports and on flights,police allege
A man in Western Australia was arrested for creating fake wifi networks at airports and flights to steal personal data. He faces cybercrime charges for setting up deceptive networks to collect users' information. Police advise caution and cybersecurity measures.
Telegram CEO Pavel Durov just got arrested in France
Pavel Durov, founder of Telegram, was arrested in France on August 24, 2024, facing serious charges including drug trafficking and fraud, amid efforts to combat criminal activity on the platform.
US dismantles laptop farm used by undercover North Korean IT workers
Matthew Isaac Knoot was arrested for facilitating North Korean IT workers in remote jobs, using stolen identities and laundering payments, generating over $250,000 per worker, funding North Korea's nuclear program.
Found: Android apps that use OCR to steal cryptocurrency credentials
Researchers found over 280 malicious Android apps using OCR technology to steal cryptocurrency wallet credentials. These apps disguise as legitimate services and are spreading from South Korea to the UK.
Chinese hackers linked to cybercrime syndicate arrested in Singapore
Seven individuals, including six Chinese nationals and one Singaporean, were arrested in Singapore for cybercrime, with police seizing hacking tools, personal data, and over $1.4 million in cash and cryptocurrencies.
2 comments* The article states the accused launched the app 9 years ago at the age of 23. The app previously had the domain ghostecc.com whose historical WHOIS records indicate creation on 2016-04-13, so the dates approximately line up.
* The accused was living with his parents in a property they seemingly purchased in 1996 (when the accused would have been 4 years old) and live in today. From business registration records associated with the property, the family appears to operate a commercial cleaning business as well as a more recently formed skip bin hire business.
The app
* ghostchat.net indicates access to the app was by invitation only (side-loaded and probably Android-only) and the article indicates there were 600+ users. The contact form on ghostchat.net to request access to the app places the USA, Canada, Croatia, Denmark, Finland, Ireland, Mexico, Netherlands, Spain, Sweden and the UK at the top of the list of countries to select in that order, then all other countries are listed alphabetically thereafter.
The technical method used by law enforcement
* "the [accused] man regularly pushing updates to devices with the encrypted app provided [the Australian Federal Police's Covert and Technical Team] with the opportunity they needed."
* "The technical solution created by the AFP used to infiltrate the app is world-first and is a process that couldn't be replicated in countries like Sweden where the app 'Ghost' is also used."
The legal method used by law enforcement
* The article hints that the powers granted in the Surveillance Legislation Amendment (Identify and Disrupt) (SLAID) Bill 2021[1] were possibly used. This legislation allows black bag operations[2] and remote exploitation against premises and computer systems related to the app, and would also critically compel anyone capable of assisting to do so in secret. The legislation also has provisions that almost certainly would be used on every occasion to ensure the methods used are not revealed in the court proceedings.[3] It's perhaps the admissibility of evidence and ability to suppress black bag operation methods that the article hints could be challenged in court for the first time. Although in this case there isn't a well resourced company defending the case and as such it's hard to see how much of a challenge would be presented. The latest government report on use of the SLAID powers[4] should be published in ~November 2024 and seemingly would include mention of the warrants issued in relation to this app. As the arrests just happened today, those results wouldn't be included in the annual report until ~November 2025.
Related discourse on encrypted chat apps
* Patrick Gray from the Risky Business podcast recently interviewed the head of ASIO, Mike Burgess, (also former head of ASD) about encrypted apps just a month ago[5], but the focus of questions was on Assistance and Access (AA) powers, not the separate SLAID powers. This interview provides the latest thinking on encrypted messaging apps in Australia and Patrick asked some pointed questions about how Australia plans to get access to apps such as Signal which are hosted offshore. Another relevant line of questioning for next time would be how SLAID and AA legislation would be of any assistance with apps such as Potato Chat or Ant Messenger which were ousted a few months ago as a preferred communication method for Chinese spies operating in Australia.[6] Patrick did raise the somewhat inevitable trajectory towards censorship and/or outlawing of apps that are out-of-reach of law enforcement, something which is currently being tested with TikTok and Section 230 in the USA.
* The Australian government just a few years ago seemingly conducted a large amount of business using apps such as Signal (preferred app of the prime minister's office)[7] and WhatsApp. Seemingly this use has or is continuing to be replaced with use of Microsoft Teams for internal communications[7], making it easier to now battle mainstream encrypted messaging apps.
References
[1] https://www.aph.gov.au/Parliamentary_Business/Bills_Legislat...
[2] https://en.wikipedia.org/wiki/Black_bag_operation
[3] Example of a likely similar request made in the US to Apple: https://en.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_d...
[4] https://www.ag.gov.au/crime/publications/surveillance-device...
[5] https://risky.biz/mikeburgess/
[6] https://www.abc.net.au/news/2024-05-13/china-spy-secret-poli...
[7] https://www.pmc.gov.au/sites/default/files/foi-logs/foi-2023...
Related
WA man set up fake free WiFi at Australian airports and on flights,police allege
A man in Western Australia was arrested for creating fake wifi networks at airports and flights to steal personal data. He faces cybercrime charges for setting up deceptive networks to collect users' information. Police advise caution and cybersecurity measures.
Telegram CEO Pavel Durov just got arrested in France
Pavel Durov, founder of Telegram, was arrested in France on August 24, 2024, facing serious charges including drug trafficking and fraud, amid efforts to combat criminal activity on the platform.
US dismantles laptop farm used by undercover North Korean IT workers
Matthew Isaac Knoot was arrested for facilitating North Korean IT workers in remote jobs, using stolen identities and laundering payments, generating over $250,000 per worker, funding North Korea's nuclear program.
Found: Android apps that use OCR to steal cryptocurrency credentials
Researchers found over 280 malicious Android apps using OCR technology to steal cryptocurrency wallet credentials. These apps disguise as legitimate services and are spreading from South Korea to the UK.
Chinese hackers linked to cybercrime syndicate arrested in Singapore
Seven individuals, including six Chinese nationals and one Singaporean, were arrested in Singapore for cybercrime, with police seizing hacking tools, personal data, and over $1.4 million in cash and cryptocurrencies.