Fact-checked by Grok 2 weeks ago

Phantom Secure

Phantom Secure was a Canadian headquartered in , , that provided modified smartphones equipped with proprietary encrypted messaging software and a network designed to evade interception. Founded by Vincent Ramos, the firm removed standard features such as GPS, cameras, and microphones from the devices to enhance user anonymity, while advertising the service as impervious to decryption, , or third-party access. The company's clientele primarily consisted of 10,000 to 20,000 subscribers who were high-ranking members of transnational criminal organizations, including major drug cartels responsible for distributing thousands of kilograms of narcotics such as , , and across and . Ramos, who served as chief executive, knowingly marketed and sold these devices to facilitate violent criminal enterprises, including the , while employing measures like remote "kill switches" to disable compromised phones and instructing users on countermeasures against . The operation generated substantial illicit revenue, leading to the seizure of millions in assets, including approximately $4 million from Singapore-based accounts linked to Phantom Secure's proceeds. In March 2018, U.S. authorities, in coordination with international partners, shut down Phantom Secure's network, arresting and several associates on charges including conspiracy to distribute narcotics and violations of the Racketeer Influenced and Corrupt Organizations Act. pleaded guilty in October 2018 to leading a continuing criminal enterprise, admitting that the service enabled the coordination of drug shipments and violent acts while concealing evidence from investigators. He was sentenced to nine years in in May 2019 and released in November 2024 after serving his term. The takedown highlighted vulnerabilities in encrypted platforms favored by and prompted subsequent operations targeting similar services.

History

Founding and Early Operations

Phantom Secure was founded in 2008 by Vincent Ramos in , , . Ramos, the son of Filipino immigrants, had prior experience in sales, including corporate roles at telecommunications firm Rogers and , where he earned recognition for selling bathtubs and smartphones. The company was legally incorporated, obtaining a from Vancouver authorities and legal approval to operate, with an initial focus on protecting personal and business communications privacy. In its early operations, Phantom Secure modified off-the-shelf handsets to enhance security, removing the GPS, microphone, and camera hardware while implementing PGP encryption for messaging. Devices connected to a encrypted , with messages routed through servers located in and , and customer support handled from ; a remote wipe feature allowed administrators to erase data if a phone was lost or compromised. The business model relied on subscription fees, charging users up to $2,000 for six-month contracts, positioning the phones as a premium tool for . Marketing targeted sophisticated executives and VIPs as a , with complimentary devices distributed to influencers such as rappers and athletes, including members of the , to generate word-of-mouth promotion among early clientele in Toronto's nightlife and sectors. While initially oriented toward legitimate privacy needs rather than criminal applications, the service's emphasis on untraceable communications soon drew interest from illicit users, though widespread adoption developed later.

Expansion into Secure Communications Market

Phantom Secure, founded in 2008 by Vincent Ramos in Richmond, Canada, initially focused on modifying BlackBerry smartphones to offer encrypted messaging capabilities using PGP encryption, targeting privacy-conscious users such as Canadian VIPs in nightlife, business, and entertainment sectors. These early devices routed communications through servers in Panama and Hong Kong, with hardware alterations including the removal of GPS, microphones, and cameras to minimize vulnerabilities, alongside a remote wipe feature for data security. The company positioned its products as superior to consumer apps for secure communication, emphasizing resistance to interception and decryption, which appealed to high-risk individuals seeking uncompromised privacy. By the early 2010s, Phantom Secure expanded internationally through word-of-mouth referrals, gaining traction among groups who valued the platform's exclusivity—devices could only communicate with other units—and its subscription-based model charging up to $2,000 USD for six months of service. A pivotal deal involved selling devices to Mexico's shortly after inception, which reportedly generated significant early revenue and propelled ' personal wealth, including and cash inflows. Expansion reached by 2014, where adoption surged among groups like the , stymieing efforts due to the encrypted network's opacity. The company's growth culminated in an estimated 7,000 to 10,000 devices sold globally by 2016, with revenues exceeding $32 million according to assessments, and up to $80 million per FBI estimates, serving as many as 20,000 clients worldwide primarily in criminal networks from loan sharks to drug trafficking organizations. This scale reflected a shift from niche VIP sales to dominating the secure communications market, though competition from emerging providers like Ciphr and failed pivots to apps began eroding market share by the mid-2010s. Despite claims of legitimate applications, the platform's and distribution favored in illicit activities, with no verifiable widespread adoption by non-criminal enterprises.

Technology

Hardware and Software Modifications

Phantom Secure modified smartphones primarily by disabling or physically removing hardware components to enhance security and prevent location tracking or surveillance. The company removed or disabled the , camera, and GPS functionality, eliminating capabilities for voice calls, , and geolocation that could be exploited by law enforcement. Standard cellular calling, texting, and browsing features were also stripped from the devices to reduce the and limit data leakage. On the software side, Phantom Secure installed a proprietary encrypted messaging application that operated over private servers, replacing standard communication protocols with end-to-end encryption designed to resist decryption, wiretapping, or compelled disclosure. This app facilitated secure email and chat but excluded conventional messenger services, browsers, and other applications that could introduce vulnerabilities. The modifications included a remote "kill switch" allowing Phantom Secure administrators to disable devices if compromised or upon user request, further centralizing control and enabling rapid network-wide responses to threats. These alterations transformed the handsets into dedicated secure communication tools, marketed as impervious to interception, though reliant on the company's infrastructure for operation.

Security Features and Protocols

Phantom Secure devices were primarily modified smartphones, with hardware alterations including the physical removal of microphones, cameras, and GPS components to prevent unauthorized audio recording, visual capture, or location tracking. Standard functionalities such as voice calling, , and browsing were also disabled or stripped from both and software layers, restricting communication solely to the company's proprietary encrypted . On the software side, Phantom Secure installed a custom encrypted system utilizing (PGP) protocols combined with (AES) for message protection, enabling within a closed-loop network inaccessible to external users. Messages were routed through servers located in and , with multiple layers of virtual private networks (VPNs) employed to obfuscate traffic origins and destinations, enhancing resistance to interception or tracing. Each device received a unique custom for communication, and the system prohibited connectivity to public networks or app stores to minimize vulnerability to or updates that could introduce backdoors. Operational protocols included remote wipe capabilities, allowing administrators to delete messages and data from seized devices, a feature invoked in response to user arrests to obstruct investigations. The company marketed these modifications as rendering the devices "uncrackable" and impervious to or decryption by law enforcement, though authorities later accessed communications through infiltrated access and cooperation rather than technical breaches. Over 150 domain names supporting the were seized during the shutdown, underscoring the distributed nature of the backend servers.

Business Operations

Pricing and Distribution Model

Phantom Secure employed a subscription-based model that bundled access to its proprietary encrypted communications network with the sale of hardware-modified devices. Subscriptions typically cost between $2,000 and $3,000 for a six-month period, reflecting the premium placed on the service's purported uncrackability and exclusivity. Bulk transactions underscored the model's profitability; for instance, a deal for 200 devices was valued at around $600,000, suggesting per-unit costs inclusive of initial subscription fees that could reach thousands annually. Distribution relied on a decentralized of independent resellers and territorial distributors operating across multiple countries, who acted as middlemen to handle sales and logistics while affording the company . These distributors maintained autonomy in their regions, sometimes conducting superficial customer vetting such as anti-money laundering forms, though the primary clientele consisted of figures. Sales channels included word-of-mouth referrals, limited online facilitation, and direct outreach, but public marketing was absent to preserve operational secrecy. Entry into the Phantom Secure ecosystem required stringent vetting: prospective users needed endorsement from an existing, trusted subscriber to mitigate risks of penetration, effectively creating an invitation-only . Transactions were conducted via cryptocurrencies like to ensure anonymity and facilitate of proceeds, with servers hosted in locations such as and to obscure operational footprints. This model prioritized high-margin, low-volume sales to vetted high-risk clients over mass- accessibility.

Target Users and Known Clientele

Phantom Secure primarily targeted individuals and organizations requiring heightened communication security, such as high-risk professionals and privacy-conscious users, but its services were predominantly adopted by members of transnational criminal networks engaged in drug trafficking and organized crime. The company distributed modified BlackBerry devices through a network of resellers, many with established criminal connections, which facilitated rapid penetration into illicit markets beginning around 2010. Founder Vincent Ramos knowingly marketed the devices to criminals, as evidenced by his 2019 guilty plea admitting that Phantom Secure operated as an encrypted platform exclusively for unlawful purposes, including narcotics importation and distribution. Known clientele included high-level operators from the in , which provided Ramos's initial major breakthrough in the criminal market, as well as members, the , and a European "super cartel" controlling approximately one-third of the continent's trade. Other documented users encompassed leaders of global drug-trafficking syndicates, such as Owen Hanson, who coordinated the transport of over one metric ton of from to the , , and using six Phantom Secure devices. Client communications often employed pseudonyms indicative of criminal intent, including "[email protected]," "[email protected]," and "[email protected]," reflecting coordination of activities like murders, assaults, and . The service supported an estimated 10,000 to 20,000 users worldwide, with approximately 7,000 active devices at the time of the 2018 shutdown, nearly all linked to serious in regions including , , and . assessments, including from the FBI, characterized the user base as top-tier criminal actors who relied on the platform's purported uncrackability to evade detection in operations spanning multiple countries. Despite occasional claims of legitimate users like politicians or celebrities, investigations found no substantive of non-criminal , underscoring the platform's role in enabling "going dark" for illicit networks.

Law Enforcement Actions

Investigations and International Collaboration

The investigation into Phantom Secure originated in the U.S. District Court for the Southern District of California, triggered by a probe into a client using the service to coordinate international drug shipments. Led primarily by the FBI's San Diego field office, the effort expanded to target the company's infrastructure after evidence emerged of its role in facilitating narcotics distribution and obstructing justice through encrypted communications. U.S. agencies including the Drug Enforcement Administration (DEA), Customs and Border Protection (CBP), Homeland Security Investigations (HSI), and local police departments in Washington State collaborated domestically, while the probe's international scope necessitated partnerships abroad. Given Phantom Secure's Canadian headquarters in and its global clientele, the Royal Canadian Mounted Police (RCMP) played a pivotal role in the cross-border effort, coordinating with the FBI to dismantle operations tied to . Additional collaboration involved the Australian Federal Police (AFP), along with law enforcement in , , and , reflecting the service's use by drug cartels and criminal networks spanning multiple continents. This multinational executed simultaneous actions, with over 250 agents conducting approximately 25 searches worldwide in early March 2018, resulting in seizures of encrypted devices, servers, bank accounts, drugs, weapons, and more than 150 domain names essential to the network. The operation culminated in the arrest of CEO Vincent Ramos on March 7, 2018, near the U.S.-Canada border in Bellingham, Washington, followed by a federal indictment on March 15, 2018, charging him and four associates with racketeering conspiracy under the Racketeer Influenced and Corrupt Organizations (RICO) Act and conspiracy to aid and abet narcotics distribution. These charges carried potential life sentences and marked the first U.S. prosecution explicitly targeting a communications provider for enabling "going dark" technologies used by high-level criminals, estimated to have disrupted secure lines for 10,000 to 20,000 users worldwide. The coordinated seizures severed Phantom Secure's operational backbone, generating tens of millions in revenue annually since 2008 by serving drug traffickers and violent offenders.

Shutdown Operation in 2018

The shutdown of Phantom Secure occurred through a coordinated international law enforcement operation culminating in early 2018, primarily led by the (FBI) in collaboration with the Australian Federal Police (AFP), (RCMP), and agencies in , , and . On March 7, 2018, Vincent Ramos, the company's founder and CEO, was arrested in , while approximately 250 agents executed around 25 searches worldwide, targeting Phantom Secure's infrastructure and associates. These actions included the seizure of over 150 domain names associated with the service, as well as devices, assets, drugs, and weapons, effectively dismantling the network's operations. Indictments were unsealed on March 15, 2018, charging Ramos and four associates—Kim Augustus Rodd, Younes Nasri, Michael Gamboa, and Christopher Poquiz—with under 18 U.S.C. § 1962(d) and to aid and abet narcotics distribution under 21 U.S.C. §§ 841, 846 and 18 U.S.C. § 2, each carrying a maximum penalty of . The charges alleged that since 2008, Phantom Secure knowingly provided communications to high-level drug traffickers, facilitating global narcotics importation, violent crimes including murders, and , while generating approximately $80 million in annual revenue from around 10,000 to 20,000 devices sold worldwide. This marked the first U.S. federal case explicitly targeting a company for distributing "go-dark" technology designed to evade detection. In , the conducted raids across 19 properties in , , , and , seizing more than 1,000 Phantom Secure devices, cash, and drugs, with one individual arrested and charged with drug offenses. Of the estimated 20,000 devices in circulation globally, about 10,000 had been distributed in alone, underscoring the operation's disruption of criminal communications tied to syndicates involved in drug imports, , and contract killings. The takedown immediately severed secure channels for top-level criminal leaders, though associates like Rodd and Nasri remained fugitives at the time.

Legal Proceedings

Indictment and Conviction of Vincent Ramos

On March 15, 2018, a federal in the Southern of California indicted Vincent Ramos, the chief executive of Phantom Secure, along with four associates—Kim Augustus Rodd, Younes Nasri, Michael Gamboa, and Christopher Poquiz—on charges of under 18 U.S.C. § 1962(d) and to aid and abet narcotics distribution under 21 U.S.C. §§ 841 and 846, as well as 18 U.S.C. § 2. The alleged that Ramos and his co-conspirators operated Phantom Secure as a enterprise that knowingly supplied modified encrypted devices to transnational criminal organizations, including drug cartels, to facilitate narcotics trafficking, , and by evading law enforcement surveillance. Prosecutors claimed the company, operational since around 2008, generated approximately $80 million in revenue and distributed 10,000 to 20,000 devices worldwide, marketing them as impervious to decryption or with remote wipe capabilities to destroy evidence. Ramos, a resident of Richmond, British Columbia, Canada, was arrested on March 7, 2018, in Bellingham, Washington, while attempting to cross into the United States. The arrests stemmed from a multi-agency investigation involving the U.S. Drug Enforcement Administration, Federal Bureau of Investigation, and international partners from Canada, Australia, the Netherlands, and others, which had infiltrated Phantom Secure's network and gathered evidence of its use in coordinating large-scale drug shipments and violent crimes. Three of Ramos's associates remained fugitives at the time of the indictment, with Nasri later arrested in Thailand. On October 2, 2018, Ramos pleaded guilty in the U.S. District Court for the Southern District of California to one count of racketeering conspiracy, admitting that he led the Phantom Secure enterprise in providing encrypted communications devices and services that enabled the importation and distribution of controlled substances by criminal organizations. In his plea, Ramos acknowledged concealing server locations, instructing customers on evading detection, and profiting from sales to known drug traffickers, including members of the . Ramos was sentenced on May 28, 2019, by U.S. District Judge Q. Hayes to nine years in , followed by three years of supervised release. The court ordered forfeiture of $80 million in proceeds from the enterprise, encompassing international bank accounts, , holdings, and gold coins seized in related actions. Prosecutors emphasized that Ramos's services were marketed using testimonials from criminal users, including instances tied to gangland murders, and that the devices demonstrably aided in evading until the network's shutdown. Ramos, then 41 years old, did not contest the forfeiture, which reflected the enterprise's annual revenue scale.

Role and Conviction of Cameron Ortis

Cameron Ortis served as the director of operations for the Royal Canadian Mounted Police's (RCMP) National Intelligence Coordination Centre (NICC) from 2016 until his arrest in 2019, a civilian role that granted him access to highly classified intelligence from Canadian and allied agencies. In this capacity, Ortis was responsible for coordinating but was later accused of betraying his position by disclosing sensitive information to targets of investigations, including Vincent Ramos, the founder of Phantom Secure. Prosecutors alleged that in 2015, prior to his formal NICC role, Ortis provided Ramos with "special operational information" that compromised ongoing efforts against Phantom Secure's distribution of encrypted devices to criminal networks. Ortis's communications with Ramos and other individuals, such as Salim Henareh and Muhammad Ashraf—who were suspected of ties to foreign intelligence—formed the basis of charges under 's Security of Information Act (SOIA). Emails and draft messages recovered from Ortis's devices revealed attempts to share classified details, including encryption keys and investigative leads related to Phantom Secure, which prosecutors argued facilitated the company's evasion of detection by authorities in , the , and . Ortis defended himself in court, claiming his actions were part of an unauthorized undercover operation authorized by an unnamed foreign agency to expose vulnerabilities in global intelligence sharing, but provided no verifiable evidence to support this assertion. On November 22, 2023, following a in , Ortis was convicted on all six counts: three violations of the SOIA for intentionally disclosing special operational information without authority, one count of attempting such a disclosure, breach of trust by a public officer, and unauthorized use of a computer. The convictions marked the first use of SOIA breach charges against an RCMP official in the Act's history, highlighting systemic failures in vetting and oversight within the force. On , 2024, Ortis was sentenced to 14 years in , with credit for time served reducing his effective term to seven years; the Crown had sought 28 years, citing the profound damage to and international alliances. Ortis rejected pending in September 2024, remaining in custody. The case underscored vulnerabilities in handling intelligence on encrypted criminal tools like those from Phantom Secure, as Ortis's leaks reportedly delayed the multinational takedown of the network until 2018.

Asset Seizures and Related Cases

In the course of the international operation to dismantle Phantom Secure, agencies seized the company's operational assets, including more than 150 domains and licenses that had been exploited by transnational criminal organizations for secure communications. Concurrently, authorities executed 19 search warrants, resulting in the confiscation of over 1,000 encrypted Phantom Secure devices, which provided evidentiary leads into associated drug trafficking activities. As part of his guilty plea in United States v. Ramos (S.D. Cal., Case No. 3:18-CR-01404-WQH), Phantom Secure chief executive Vincent Ramos agreed to forfeit at least $80 million in proceeds derived from the , encompassing revenues from device sales and related . This forfeiture order, finalized following his May 28, 2019, sentencing to nine years' imprisonment, targeted assets accumulated through facilitating the distribution of at least 450 kilograms of via the platform, among other narcotics offenses. In a related civil forfeiture action tied to the Ramos indictment, U.S. authorities coordinated with officials to seize $3,971,468.40 from four accounts on , , representing untaxed illicit funds generated specifically from Phantom Secure sales to criminal networks. These funds, identified through financial tracing of international transactions, were formally forfeited to the as proceeds of the conspiracy, underscoring the enterprise's global financial footprint. No additional major asset recoveries have been publicly documented in subsequent proceedings, though the seizures bolstered ancillary investigations into Phantom Secure's distributors and end-users in multiple jurisdictions.

Controversies

Debates on Privacy Rights versus Crime Facilitation

The shutdown of in March 2018 intensified broader discussions on whether robust technologies inherently protect or inadvertently—or deliberately—facilitate . agencies, including the FBI and RCMP, maintained that Phantom Secure's modified devices, which removed GPS tracking, cameras, and standard SIM cards while offering remote wiping and a proprietary encrypted network, were engineered specifically to shield high-level drug traffickers from detection, enabling operations like shipments valued in billions and associated . Prosecutors argued this constituted , as the service's relied on non-cooperation with authorities and targeted clientele known to include cartels and outlaw motorcycle gangs, with over 80% of devices sold to verified criminals. Privacy proponents, drawing parallels to the "going dark" debate, contended that law enforcement's infiltration of Phantom Secure—achieved after CEO Vincent Ramos rejected demands to install surveillance backdoors—sets a precedent for undermining end-to-end encryption, potentially eroding public trust in secure communications for non-criminal users. However, analyses of the case emphasize that Phantom Secure differed from mainstream tools like Signal or WhatsApp, as its closed ecosystem excluded legitimate features (e.g., no app store or public connectivity) and was advertised as "impervious to decryption, wiretapping, or legal requests," aligning it more with criminal enterprise than general privacy protection. Empirical outcomes from the , including hundreds of arrests and seizures of drugs and assets worth millions across multiple countries, underscored the causal link between Phantom's unmonitored and escalated criminal coordination, such as plotting murders and large-scale trafficking without fear of interception. Legal scholars note that while the prosecution did not target general providers, it highlighted how services knowingly catering to illicit networks forfeit defenses, prioritizing crime enablement over rights-based arguments. This perspective aligns with court findings that Ramos's refusal to cooperate stemmed not from universal principles but from safeguarding criminal subscribers, generating over $7 million in revenue from such sales between 2015 and 2018.

Criticisms of Law Enforcement Overreach

Critics of the Phantom Secure takedown, including legal scholars, have argued that the prosecution's emphasis on the service's resistance to decryption sets a that could criminalize privacy-focused technologies beyond explicitly criminal enterprises. In the case, authorities indicted Vincent Ramos under statutes partly for providing communications "designed to be proof against access," raising questions about whether intent to evade alone suffices for charges when the service marketed itself as impervious to wiretaps or data requests. This approach, while justified by Phantom Secure's exclusive clientele among drug cartels and groups, has prompted concerns that it might extend to "bespoke operators" developing strong for broader users, potentially chilling innovation in secure communications tools. Prior to the 2018 shutdown, the FBI attempted to coerce into installing a backdoor for monitoring users, including high-level members of the , by leveraging promises of leniency in exchange for technical access or identifying device owners. refused, leading authorities to pivot to an undercover operation where an gained administrative control over the network, enabling of messages from thousands of devices worldwide. commentators have viewed such preemptive demands for backdoors as an overreach, arguing they undermine of even in targeted criminal investigations, and echo broader "going dark" debates where seeks exceptional access without judicial warrants for each user. The operation's scale—yielding evidence used in over 300 arrests across multiple countries—has also drawn scrutiny for potential warrantless of non-U.S. persons, as international bypassed individualized in some jurisdictions. However, defenders of the actions note that Phantom Secure's deliberate data wiping upon user arrests constituted , justifying aggressive infiltration tactics under existing laws. These criticisms remain limited, as the service's overt facilitation of transnational trafficking, including coordination of murders, diminished claims of legitimate interests.

Impact and Legacy

Effects on Criminal Networks

The shutdown of Phantom Secure in March 2018 severed a critical communication lifeline for high-level members of international criminal organizations, including drug trafficking syndicates and groups, who relied on its modified encrypted devices for coordinating activities across borders. The platform, which served over 14,000 subscribers worldwide with devices marketed exclusively to criminals, enabled secure messaging that evaded traditional interception, facilitating operations in more than 100 countries. Seizure of Phantom Secure's servers by international authorities, including the Royal Canadian Mounted Police and FBI, granted access to millions of intercepted messages, yielding actionable intelligence on covert criminal dealings such as drug shipments and . This immediate disruption compelled users to abandon the network, described by the FBI as eliminating a key platform for "dangerous " previously insulated from detection. In regions like Australia, where Phantom Secure devices were extensively used—numbering over 14,000—the takedown inflicted what New South Wales Police termed "one of the most significant blows to organised crime," hampering coordination among syndicates involved in narcotics importation and violence. Criminal networks experienced operational setbacks, including delayed shipments and internal paranoia over potential compromises, as the service's "no logs" policy failed under server confiscation, exposing patterns of activity previously deemed secure. Law enforcement leveraged this intelligence for targeted arrests and seizures, such as the subsequent forfeiture of millions in assets linked to Phantom Secure's facilitation of transnational drug enterprises. However, the vacuum created by the shutdown prompted rapid adaptation, with users migrating to alternative encrypted providers like Sky Global or emerging platforms, some of which were later infiltrated through operations like the FBI's ANOM sting. Longer-term, the Phantom Secure disruption underscored vulnerabilities in specialized criminal communication ecosystems, contributing to a cascade of global enforcement actions that dismantled portions of affected networks. For instance, intercepted data informed investigations into production and distribution rings, revealing operational details that traditional had missed. While no comprehensive quantitative assessment of reduced criminal output exists, official reports attribute hundreds of follow-on arrests and billions in disrupted illicit trade to intelligence derived from the takedown, though resilient groups partially mitigated impacts by decentralizing to consumer-grade apps or custom solutions. This shift, however, often exposed networks to heightened risks, as evidenced by the 2021 , which exploited post-Phantom migrations for over 800 arrests worldwide.

Influence on Subsequent Encrypted Communication Tools

The shutdown of Phantom Secure in March 2018 prompted its user base, primarily figures, to migrate to competing encrypted communication platforms, including Sky Global and , which absorbed former Phantom customers and capitalized on the resulting demand. Sky Global, a Vancouver-based provider founded in but operating in a similar niche, expanded its distribution networks and emphasized controlled resale channels to mitigate risks exposed by Phantom's compromise. , active since 2016, saw increased adoption among European criminal syndicates post-Phantom, incorporating features like remote wipes and encrypted messaging tailored to evade standard . This transition underscored key vulnerabilities in provider-centric models, where centralized servers and potential insider cooperation enabled infiltration, as occurred with through FBI-embedded communications. Subsequent tools adapted by prioritizing without logging, self-destructing messages, and decentralized architectures to reduce single points of failure, though these measures proved imperfect against advanced tactics like deployment. Criminal networks also began developing in-house alternatives, such as the Scottish-based MPC service run directly by drug traffickers, to eliminate reliance on third-party providers. The Phantom case further shaped law enforcement responses, informing the FBI's launch of in 2018—a covert encrypted device company distributed through criminal intermediaries to monitor over 300 syndicates worldwide, culminating in more than 800 arrests by June 2021. This strategy exploited distrust in post-Phantom commercial services, with ANOM devices marketed as superior to predecessors by removing microphones, cameras, and GPS trackers akin to Phantom's modifications. Longer-term, Phantom's disruption fragmented the market for illicit encrypted tools, driving some users toward mainstream applications like Signal and for their robust, non-proprietary encryption, while specialized platforms faced serial takedowns— via French in 2020 yielding millions of intercepted messages, and Sky ECC through Belgian-led intercepts in 2021 affecting billions of communications. These events reinforced a cycle of innovation and counter-innovation, with providers like Omerta offering post-takedown discounts to lure defectors, yet highlighting persistent challenges in achieving truly unassailable criminal secrecy.

References

  1. [1]
    Phantom Secure Takedown - FBI
    Mar 16, 2018 · They are charged with conspiracy to distribute narcotics and Racketeer Influenced and Corrupt Organizations (RICO) Act violations. This case is ...Missing: documents | Show results with:documents
  2. [2]
    Chief Executive and Four Associates Indicted for Conspiring with ...
    Mar 15, 2018 · According to court documents, Phantom Secure advertised its products as impervious to decryption, wiretapping or legal third-party records ...Missing: facts | Show results with:facts
  3. [3]
    Chief Executive of Communications Company Sentenced to Prison ...
    May 28, 2019 · “Vincent Ramos is going to prison because he provided violent, drug trafficking organizations with a high tech tool that enabled them to ...
  4. [4]
    CEO of Encrypted Communications Company Pleads Guilty to ...
    Oct 2, 2018 · Vincent Ramos, the chief executive of Canada-based Phantom Secure, pleaded guilty today to leading a criminal enterprise that facilitated the transnational ...Missing: facts | Show results with:facts
  5. [5]
    Vincent Ramos, CEO of Encrypted Phone Company That Sold to ...
    Nov 7, 2024 · Phantom Secure started legitimate before turning into a tech company for organized crime. Its owner, Vincent Ramos, is now out of prison.
  6. [6]
    Millions in Assets of Encrypted Telecommunications Criminal ...
    Dec 14, 2020 · SAN DIEGO – Four bank accounts containing $3,971,468.40 in illicit funds generated from Phantom Secure, an encrypted telecommunications network ...
  7. [7]
    True Crime Story - Phantom Secure
    Vincent Ramos was a cyber genius and the CEO of Vancouver-based company, Canada. Visionary, he could have had a brilliant career in the tech industry.
  8. [8]
    The Network: How a Secretive Phone Company Helped the Crime ...
    Oct 22, 2020 · He'd travelled to meet an associate as part of his multi-million dollar business, selling encrypted phones under the brand name Phantom Secure.
  9. [9]
    How a Canadian Company's Encrypted Phones Ended Up in the ...
    which also had its origins in ...
  10. [10]
    'Every message was copied to the police': the inside story of the ...
    Sep 11, 2021 · Billed as the most secure phone on the planet, An0m became a viral sensation in the underworld. There was just one problem for anyone using it for criminal ...
  11. [11]
    EP 105: Secret Cells - Darknet Diaries
    Joseph Cox, Senior Staff Writer at Motherboard, joins us to talk about the world of encrypted phones.<|separator|>
  12. [12]
    The Rise and Fall of a Double Agent | The Walrus
    Apr 20, 2021 · Fundamentally, Phantom Secure was a hardware company. It sold modified BlackBerry handsets that had been customized to communicate only with ...
  13. [13]
    Blackberry modified to 'help drug cartels' - BBC
    Mar 15, 2018 · Canadian-based Phantom Secure made "tens of millions of dollars" selling the modified Blackberry devices for use by the likes of the Sinaloa ...Missing: timeline | Show results with:timeline
  14. [14]
    Modified BlackBerry phones sold to drug dealers, five indicted
    Mar 19, 2018 · A cocaine bust in Southern California has led to the indictment of five execs at “uncrackable” phone seller Phantom Secure.
  15. [15]
    Phantom Secure - Wikipedia
    Phantom Secure was a Canadian company that provided modified secure mobile phones, which were equipped with a remotely operated kill switch.
  16. [16]
    Australian Federal Police seize Phantom Secure phones as part of ...
    Mar 15, 2018 · ... modified BlackBerry smartphones to Australians. Earlier this week, the FBI arrested the head of Phantom Secure, Vincent Ramos, and charged ...Missing: hardware | Show results with:hardware
  17. [17]
    United States of America v. Ramos, No. 3:18-CR-01404-WQH (S.D. ...
    Jun 12, 2019 · According to an informant, Phantom Secure's devices were specifically designed, marketed and distributed for use by transnational criminal ...
  18. [18]
    Phantom Secure CEO sold encrypted phones to drug cartels
    Oct 8, 2018 · The CEO of “uncrackable” phone seller, Phantom Secure, has pleaded guilty to helping drug sellers keep their business locked away from the eyes of law ...
  19. [19]
    Chief Executive and Four Associates Indicted for Conspiring with ...
    Mar 15, 2018 · SAN DIEGO – Vincent Ramos, the chief executive of Canada-based Phantom Secure, and four of his associates were indicted by a federal grand ...
  20. [20]
    Crown wants 28-year sentence for Cameron Ortis, ex-RCMP ... - CBC
    Jan 11, 2024 · Former RCMP intelligence official Cameron Ortis has been found guilty of leaking secret information to police targets and charged with multiple ...
  21. [21]
    RCMP admits 'mistakes were made' with Cameron Ortis - CBC
    Nov 30, 2023 · Ortis was found guilty of sharing information with Ramos, Salim Henareh and Muhammad Ashraf. Police suspected Henareh and Ashraf of being agents ...
  22. [22]
    Jury Finds Ortis Guilty - News Release - PPSC
    Nov 23, 2023 · A jury found Cameron Ortis guilty of four offences under the Security of Information Act for intentionally and without authority communicating special ...Missing: Phantom | Show results with:Phantom
  23. [23]
    Cameron Ortis Found Guilty of Providing Secrets to Criminals
    Nov 22, 2023 · A jury convicted Cameron Ortis, who defended himself by arguing that he was engaged in a secret mission when he sought to sell secrets.
  24. [24]
    Cameron Ortis: What to know about the national security trial - BBC
    Oct 3, 2023 · Following his arrest, Mr Ortis was detained for three years. He was released on December 2022 after posting bail for C$250,000 ($181,000; £ ...
  25. [25]
    A former Canadian RCMP intelligence official is found guilty of ...
    Nov 22, 2023 · Jurors declared Cameron Jay Ortis guilty of three counts of violating the Security of Information Act and one count of attempting to do so. They ...<|separator|>
  26. [26]
    Cameron Ortis, ex-RCMP official guilty of leaking secrets, sentenced ...
    Feb 7, 2024 · Ortis, 51, was found guilty in November of all six charges against him, including violating Canada's secrets act. It was the first time charges ...Missing: details | Show results with:details
  27. [27]
    Former Canadian police intelligence head sentenced to 14 years for ...
    Feb 7, 2024 · The jury found Ortis guilty in November on three counts of violating the act and one count of attempting to do so.Missing: details | Show results with:details
  28. [28]
    Cameron Ortis, ex-RCMP official found guilty of leaking secrets ...
    Sep 10, 2024 · Ortis was found guilty in November of all six charges against him, including one of violating Canada's secrets act. It was the first time ...Missing: details | Show results with:details
  29. [29]
    Canadian CEO Who Sold Encrypted Phones to the Sinaloa Cartel ...
    May 29, 2019 · Vincent Ramos, a 41-year-old Canadian man from Richmond, British Columbia, was found guilty of racketeering conspiracy and forfeited $80 million.
  30. [30]
    DOJ Seizes $4 Million in Assets Tied to Phantom Secure
    Assets worth $4 million have been seized by authorities in Singapore from the former CEO of Phantom Secure, a now-defunct encrypted telecommunications services ...Missing: facts | Show results with:facts
  31. [31]
    The FBI Tried to Plant a Backdoor in an Encrypted Phone Network
    Sep 18, 2019 · The FBI tried to force the owner of an encrypted phone company to put a backdoor in his devices, Motherboard has learned.Missing: facts documents
  32. [32]
    Illegal Secrecy? The Prosecution of Phantom Secure and Its ...
    Mar 20, 2018 · The Phantom Secure prosecution does not show that Apple or other mainstream providers could or would be prosecuted in similar fashion.
  33. [33]
    Operation Ironside - Australian Federal Police
    Aug 8, 2024 · More than 14,000 Phantom Secure devices existed in Australia. Criminals needed a new way to hide their communications from law enforcement.
  34. [34]
    When encryption fails: a glimpse behind the curtain of synthetic drug ...
    The confiscation of the server of an encrypted telephone provider resulted in the retrieval of millions of text messages about covert activities that were ...<|separator|>
  35. [35]
    Decrypted: Phantom Secure takedown a 'significant blow' against ...
    Mar 19, 2018 · According to the Australian Federal Police, the men are charged with "Knowingly participated in a criminal enterprise that facilitated the ...
  36. [36]
    Sky Global Executive and Associate Indicted for Providing Encrypted ...
    Mar 12, 2021 · Phantom Secure's chief executive, Vincent Ramos, pleaded guilty and admitted that he and his co- conspirators facilitated the distribution of ...Missing: facts court documents
  37. [37]
    FBI's Encrypted Phone Platform Infiltrated Hundreds of Criminal ...
    Jun 8, 2021 · These criminals sold more than 12,000 ANOM encrypted devices and services to more than 300 criminal syndicates operating in more than 100 ...
  38. [38]
    Operation Trojan Shield — FBI
    Jun 8, 2021 · ... Phantom Secure. In 2018, the FBI and the U.S. Attorney's Office for the Southern District of California pursued charges against the company's ...Missing: documents | Show results with:documents