Can the security of communication apps be broken?

“Secure encryption.” “Cannot be intercepted.” “Unbreakable.”

These were the promises that EncroChat and Sky ECC made to their users so they could sleep soundly. Both platforms failed. Not because the encryption wasn’t secure, but because security doesn’t depend solely on encryption.

For cybersecurity specialists, the failures of EncroChat and Sky ECC are evidence confirming that even the most sophisticated systems fail. And this observation applies to individuals, businesses, and anyone who assumes their communication tools are secure.

EncroChat: when the central server is compromised

Before it was broken, EncroChat had approximately 60,000 users worldwide, using modified phones from the Spanish brand BQ (model BQ Aquaris X2). The phones had their GPS, camera, and microphone removed. They ran two operating systems simultaneously: Android and EncroChat OS for encrypted communications.

Messages were transmitted using the OTR (Off-the-Record) protocol, which theoretically guarantees that even if decryption keys are compromised, previous conversations cannot be reconstructed and exposed. Voice calls used the ZRTP protocol.

A special PIN code allowed the user to delete all stored information on the phone, and if the password was entered incorrectly several times in a row, the data was automatically erased. An EncroChat subscription cost approximately €1,500 for six months.

A phone that appeared secure, but with a critical weakness: the central servers were located in the city of Roubaix, France, under French state jurisdiction.

How EncroChat was “broken”

Investigators, using reverse engineering, began reconstructing EncroChat’s server network, the infrastructure managing cryptographic keys, device operating mechanisms, and how communications were conducted.

With a clear picture of the platform’s operation, the attack phase began.

The French intelligence agency DGSI developed software that was distributed to EncroChat devices disguised as a routine OTA (over-the-air) update. This attack was carried out by exploiting a compromised EncroChat server in Roubaix, presenting the update as authentic, as if it came from the platform’s own infrastructure.

The attack was carried out in two phases:

Phase 1 — collecting existing information

The software implanted on user devices collected data stored in device memory: archived conversations, contact lists, notes, and the device’s unique identifier (IMEI). It also recorded passwords used to unlock the device and cloned application data, providing investigators with complete information about each device.

Phase 2 — intercepting conversations

Investigators began recording incoming and outgoing messages in real time, transmitting them to the French authorities’ servers.

The key to success was that interception occurred before messages were encrypted by the device. OTR was built precisely to prevent past messages from being decrypted in the future: even if someone obtains the decryption keys, earlier conversations are irrecoverable. That protection becomes useless when the message is read before the device encrypts it.

The software used in the EncroChat case recorded data before it was encrypted, taking the encryption process out of the equation entirely.

Authorities also disabled the ability to automatically delete data via the PIN code, neutralizing the destruction of evidence.

It is estimated that approximately 50% of EncroChat devices in Europe were infected by June 2020. Between March and June 2020, authorities intercepted over 115 million messages. The operation concluded with 6,500 arrests and approximately €900 million seized.

What failed in EncroChat’s security

Blind trust in EncroChat’s central servers.

All messages were transmitted through them, concentrating risk at a single point. With the compromise of this central node, the entire network collapsed from a security perspective. The OTR protocol was mathematically secure, but the architecture around it was not.

What individuals and businesses should keep in mind

All communication systems that rely on central servers concentrate risk in those servers. The question is not just “are messages encrypted?” but:

  • Where are the servers physically located?

  • Who controls them?

  • What happens if they are compromised?

A thorough security audit can identify these architectural weaknesses before they are exploited.


Sky ECC: the failure of forward secrecy

After EncroChat’s fall, users migrated to Sky ECC, the world’s largest encrypted communications network, which had approximately 170,000 users exchanging over 3 million messages per day. Sky ECC, a platform of the company Sky Global based in Vancouver, Canada, considered itself “the most secure communications network you can have,” and even offered a $5 million reward to anyone who could break the platform’s security.

Messages transmitted on Sky ECC self-destructed after 30 seconds. If a device was unreachable, undelivered messages were deleted after 48 hours. The device had a password that, in cases of panic, would delete all information on it.

Sky ECC’s servers were also located in Roubaix, France, in OVH’s data center.

How Sky ECC was “broken”

Belgian and Dutch authorities planned for two and a half years to hack Sky ECC, executing their plan in two phases as well.

Phase 1 — passive data collection

Until mid-February 2021, authorities regularly intercepted messages transmitted through Sky ECC. The messages were encrypted, making it impossible to read them at that time. However, these unreadable messages were collected and stored with the aim of discovering the decryption key in the future.

Phase 2 — man-in-the-middle (MITM) attack and discovery of the decryption key

Authorities managed to take control of several proxy servers that relayed Sky ECC platform messages. During this time, every message passed through servers under the authorities’ control.

For approximately three weeks (February 15, 2021 – March 9, 2021), messages were intercepted in real time, and during this period the cryptographic keys were also discovered.

With the discovery of the cryptographic keys, authorities decrypted not only the messages intercepted in real time during the server control period, but also the messages stored over years during the first phase, which could be decrypted with the same keys.

Approximately 1 billion messages were intercepted in total, half of which were decrypted in less than a month after key discovery. The remaining messages were decrypted in the following weeks.

Sky ECC had not properly implemented key generation with PFS (perfect forward secrecy).

What is forward secrecy and why is it important?

In a system that uses PFS, each communication generates a pair of temporary keys that are destroyed after use. If someone stores encrypted communications and later recovers the keys present on the devices, those keys cannot decrypt the stored traffic, because the keys that actually protected it were deleted when the communication ended.

Encrypted communications are easily interceptable, but their confidentiality is guaranteed, among other things, by the use of temporary keys — a technique known as perfect forward secrecy.

In Sky ECC’s communications, this technology was not properly implemented, enabling all messages intercepted over months to be decrypted with the discovered keys.

Mathematically, the encryption was not broken.

Authorities were able to decrypt all messages collected during the first phase. Messages transmitted before the interception began, which self-destructed, could not be recovered or exposed. The 30-second self-destruction mechanism had functioned as intended. This is why no decrypted conversations from before the interception period were found.

What failed in Sky ECC’s security

The lack of PFS implementation and the vulnerability in the servers where the MITM attack was deployed were the main causes of Sky ECC’s fall.

The encryption itself remained unbreakable, in the sense that messages could not be decrypted during transmission. But by not implementing PFS, every intercepted message was a “time bomb” waiting for the decryption key to be discovered.

The security of the keys themselves always remains the Achilles’ heel of modern cryptographic systems.

What individuals and businesses should keep in mind

When evaluating a communication platform, beyond the use of strong cryptographic primitives such as AES-256, SHA-3, and RSA, the implementation of PFS for creating temporary (ephemeral) keys is essential. These keys are destroyed after use, making it impossible to decrypt messages in the future.

End-to-end encryption without PFS is like an armored door with the key under the doormat.


Is WhatsApp secure?

The discussion often arises about whether the world’s largest platform, WhatsApp, is vulnerable to such attacks.

How WhatsApp ensures security

WhatsApp uses the Signal protocol, widely accepted as the gold standard for secure communications. This protocol has been audited and tested by independent professionals and research groups. Furthermore, it is open source and can be verified by anyone.

IEEE has published a formal security analysis of the protocol.

The Signal protocol addresses precisely the weaknesses that led to the fall of EncroChat and Sky ECC.

Implementation of forward secrecy through the Double Ratchet algorithm

Unlike Sky ECC, WhatsApp generates a pair of cryptographic keys for every message. The Double Ratchet algorithm combines Diffie-Hellman and HMAC-SHA256, creating unique single-use keys that are destroyed after use.

An intercepted message becomes useless after the corresponding key is destroyed.
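The Sky ECC failure described above (ciphertexts stored for months, then opened once the keys were found) and the Double Ratchet's per-message keys come down to one mechanism, which the following example models with a symmetric KDF chain: a passive observer stores every ciphertext, later obtains the chain key, and finds that only messages sent after the compromise decrypt. This is an added example, not code from Sky ECC, EncroChat, WhatsApp or Signal; the root key, the "message N" plaintexts and the toy cipher (a SHA-256/HMAC stand-in for AES-GCM) are constructed for the demonstration.

```python
import hashlib
import hmac
import os

class Ratchet:
    """Symmetric KDF chain, the construction the Double Ratchet runs between its
    Diffie-Hellman steps: step() returns a one-time message key and replaces the
    chain key, so the keys of earlier messages cannot be re-derived later."""

    def __init__(self, chain_key: bytes):
        self.chain_key = chain_key

    def step(self) -> bytes:
        def kdf(label: bytes) -> bytes:  # one HMAC-SHA256 derivation step
            return hmac.new(self.chain_key, label, hashlib.sha256).digest()
        msg_key = kdf(b"message")
        self.chain_key = kdf(b"chain")  # the old chain key is gone for good
        return msg_key

def seal(key: bytes, pt: bytes) -> bytes:
    """Constructed toy authenticated cipher standing in for AES-GCM (SHA-256
    keystream XOR plus an HMAC tag); only the key lifecycle matters. pt <= 32 bytes."""
    nonce = os.urandom(16)
    stream = hashlib.sha256(key + nonce).digest()
    ct = bytes(a ^ b for a, b in zip(pt, stream))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def opens(key: bytes, blob: bytes) -> bool:
    """True if the tag verifies under key, i.e. this key decrypts the message."""
    body, tag = blob[:-32], blob[-32:]
    return hmac.compare_digest(hmac.new(key, body, hashlib.sha256).digest(), tag)

def capture(root: bytes, n: int, stolen_after: int):
    """Passive phase: n messages are sent and every ciphertext is stored. Also
    returns the chain key as it stands right after message `stolen_after`, the
    state a later key discovery would hand the attacker."""
    r, captured, stolen = Ratchet(root), [], None
    for i in range(1, n + 1):
        captured.append(seal(r.step(), f"message {i}".encode()))  # constructed plaintext
        if i == stolen_after:
            stolen = r.chain_key
    return captured, stolen

def recover(stolen: bytes, captured: list) -> int:
    """Attacker: derive message keys forward from the stolen chain key and try
    them against every stored ciphertext. Returns how many messages decrypt."""
    r = Ratchet(stolen)
    keys = [r.step() for _ in captured]
    return sum(any(opens(k, ct) for k in keys) for ct in captured)

def static_key_recover(key: bytes, n: int) -> int:
    """Contrast: the same n messages under one long-lived key (the Sky ECC model)."""
    captured = [seal(key, f"message {i}".encode()) for i in range(1, n + 1)]
    return sum(opens(key, ct) for ct in captured)
```

With ten stored messages and the chain key taken after the sixth, recover() opens only the four later ones, while static_key_recover() opens all ten.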

Encryption on the endpoint device

PFS protects messages during transmission, but security must also be guaranteed on endpoints.

Unlike EncroChat, where keys were stored on servers, in WhatsApp encryption and decryption are performed entirely on users’ devices. Servers store only encrypted data, unreadable even by the company itself.

This eliminates the risk of a centralized compromise like EncroChat.

Open-source Signal protocol

The Signal protocol’s code is public and open for audit. For more than a decade it has been analyzed by the scientific community without critical weaknesses being discovered.

EncroChat and Sky ECC, by contrast, used closed and unaudited code.

WhatsApp is also vulnerable

The technology on which it is built remains secure; however, WhatsApp has real and proven weaknesses.

The biggest weakness lies in cloud backups.

In the application’s default settings, conversation backups stored on Google Drive or iCloud are not protected by end-to-end encryption. The entire conversation history stored on Google or Apple servers is readable. Authorities don’t need to hack the application; a court order to Google or Apple is sufficient to obtain the stored conversation backups.

In 2024, Meta accepted 78% of law enforcement requests for the delivery of user backups.

At the end of 2025, WhatsApp added the option for users to protect backups with a password, but this setting is not enabled by default. The user must activate it manually in the application settings. The majority of users have not done so.

Metadata is stored and accessed

WhatsApp encrypts message content, but not the information associated with them, known as metadata.

WhatsApp knows who you’re talking to, when and how often you communicate with someone, the IP address from which you’re communicating, and which device you’re using the application on.

In September 2025, a former WhatsApp security director admitted during a legal proceeding that approximately 1,500 Meta engineers had unlimited access to this data.

In the case of businesses, even though message content is secure, conversation metadata can reveal information about clients they are in contact with or other operational data.

Compromising the device itself overrides all security

In 2019, a spyware called Pegasus compromised over 1,400 devices using WhatsApp by exploiting a vulnerability in the call system.

In January 2025, approximately 100 journalists were targets of a sophisticated attack. A modified PDF file was sent to targets via WhatsApp. Once downloaded (without needing to be opened), the device was compromised.

In 2025, a series of vulnerabilities were discovered in Android and iOS systems that could be exploited through WhatsApp.

The strategy is the same as in the case of EncroChat and Sky ECC: the encryption technology is not attacked, but the device directly. In this way, the goal is to read messages before they are encrypted by the application, rendering the encryption layer irrelevant. Proper endpoint security — including device management, regular patching, and monitoring — is the only defense against this class of attack.

Could attacks on EncroChat and Sky ECC be used against WhatsApp?

The EncroChat compromise targeted central servers, while WhatsApp performs encryption on users’ devices. An attack would need to target individual endpoints directly. This is possible but extremely difficult to execute at scale.

The Sky ECC compromise relied on collecting encrypted conversations over an extended period and later obtaining the decryption keys. WhatsApp generates ephemeral keys for each message, which are destroyed after use. Intercepting encrypted traffic is useless when the decryption key no longer exists.

How do authorities access WhatsApp conversations?

Authorities can obtain backed-up conversations from Google or Apple with a court order. They can request metadata from WhatsApp through legal channels, deploy targeted spyware against high-value subjects, or aim to seize devices before the user locks them.

(In law enforcement operations, after neutralizing a target, the primary objective is securing the phone before it locks.)

What lesson should businesses and individuals take?

The Signal protocol used by WhatsApp is a cryptographically secure protocol (much more so than what EncroChat or Sky ECC offered). But security doesn’t rest solely on cryptography.

Encrypted backups should be enabled immediately. This has a considerable impact on conversation confidentiality. Without it, end-to-end encryption is incomplete.

Update devices regularly. All software previously used to compromise WhatsApp exploited known vulnerabilities in the application or the operating system (Android or iOS). Regular and timely updates close these weaknesses.

Be informed about what metadata can reveal. Even though content is encrypted, metadata helps create a communication profile.

For sensitive conversations, consider Signal. It uses the same encryption protocol and is owned by a nonprofit organization. It stores virtually no metadata and does not use cloud backups. The application code is open source.

Encryption does not mean absolute security. WhatsApp ensures that conversations are not intercepted during transmission, but it is not immune when the phone is unlocked, when backups are stored unencrypted, when the device is compromised, or when someone photographs the screen.


Conclusion

The cases above demonstrate an undeniable truth about attacks on communication platforms:

Attacks target endpoints and infrastructure, not the cryptography itself.

The AES-256 standard may be mathematically unbreakable, but it becomes useless if the message is exposed before being encrypted.

Experience to date teaches us that:

  • Endpoint security (phones, computers, and servers) is essential. In all cases examined, the attacks targeted the devices and infrastructure, not the encryption.

  • The use of forward secrecy is non-negotiable. Systems that don’t implement it are exposed to the risk of future decryption.

At ITAKA7, we recommend the use of open-source technologies that are regularly audited by independent parties.



Sources:

  1. Computer Weekly — “Three years on, EncroChat cryptophone hack nets 6,500 arrests and seizures of €900m” (June 2023): https://www.computerweekly.com/news/366542786/Three-years-on-EncroChat-cryptophone-hack-nets-6500-arrests-and-seizures-of-900-million

  2. Computer Weekly — “Police EncroChat cryptophone hacking implant did not work properly and frequently failed” (March 2022): https://www.computerweekly.com/news/252514476/Police-EncroChat-cryptophone-hacking-implant-did-not-work-properly-and-frequently-failed

  3. Computer Weekly — “Police crack world’s largest cryptophone network as criminals swap EncroChat for Sky ECC” (March 2021): https://www.computerweekly.com/news/252497565/Police-crack-worlds-largest-cryptophone-network-as-criminals-swap-EncroChat-for-Sky-NCC

  4. Bruce Schneier — “EncroChat Hacked by Police” (July 2020): https://www.schneier.com/blog/archives/2020/07/hacked_by_polic.html

  5. GI-TOC Risk Bulletin — “Decryption of messaging app provides valuable insight into criminal activities in the Western Balkans”: https://riskbulletins.globalinitiative.net/see-obs-013/01-decryption-of-messaging-app-criminal-activities.html

  6. OCCRP — “The Crime Messenger: How Sky ECC Phones Became a Tool of the Criminal Trade” (October 2024): https://www.occrp.org/en/project/the-crime-messenger

  7. Vice — “Sky ECC: The Encrypted Phone Bust That Was Meant to End Drug Crime Has Fallen Apart in Court” (January 2026): https://www.vice.com/en/article/sky-ecc-the-encrypted-phone-bust-that-was-meant-to-end-drug-crime-has-fallen-apart-in-court/

  8. Signal Foundation — Signal Protocol technical documentation: https://signal.org/docs/

  9. Signal Foundation — “WhatsApp’s Signal Protocol integration is now complete” (April 2016): https://signal.org/blog/whatsapp-complete/

  10. IEEE — “A Formal Security Analysis of the Signal Messaging Protocol” (2017): https://ieeexplore.ieee.org/document/7961996/

  11. SecurityWeek — “Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes” (January 2026): https://www.securityweek.com/researcher-spotlights-whatsapp-metadata-leak-as-meta-begins-rolling-out-fixes/

  12. Wikipedia — EncroChat: https://en.wikipedia.org/wiki/EncroChat

  13. Wikipedia — Shutdown of Sky Global: https://en.wikipedia.org/wiki/Shutdown_of_Sky_Global
