Dutch police said they cracked the encryption application IronChat and decrypted more than 258,000 messages sent via IronChat. The police did not explain how they were broken. The Dutch police said in a statement that criminals thought they could use the so-called encrypted mobile phone running IronChat to communicate securely, and policy experts in the eastern Netherlands had successfully accessed the communications.
“Criminals thought they could safely communicate with so-called crypto phones which used the application IronChat,” Tuesday’s statement said. “Police experts in the east of the Netherlands have succeeded in gaining access to this communication. As a result, the police have been able to watch live the communication between criminals for some time.”
As a result, the police sometimes watch communication between criminals in real time. IronChat is an end-to-end encrypted messaging application that security researchers believe may be a bug in the system that allows the police to crack the encryption. “In my opinion, that is the most likely option,” Frank Groenewegen, a researcher with Dutch security firm Fox-IT told The Telegraaf. “If encryption is properly applied, nobody can do anything to make a message visible, but it sometimes depends on a comma that is wrong somewhere. Then you can put 15 locks on a safe door, but if the hinges come loose and the door falls out, you will enter.”