Operation Trojan Shield was an FBI-led collaboration by law enforcement agencies from several countries, 2018–2021. Its main tool was the smartphone-based messaging app ANOM, a "honeypot" communication device which attracted and was indeed marketed to criminals, but was actually a Trojan horse covertly distributed by the United States Federal Bureau of Investigation (FBI) and the Australian Federal Police (AFP). The operation resulted in the arrest of over 800 suspects allegedly involved in criminal activity in 16 countries, including several from Estonia. Trojan Shield and the ANOM project was not without its critics and controversy, however.

ETV investigative show "Pealtnägija" set out to find out more.

When asked which of the past year's court rulings stood out, some of Estonia's best-known prosecutors and defense lawyers mentioned the so-called ANOM 'phone case. This was an international sting operation run by the FBI, involving a supposedly bug-proof 'phone being provided to wrongdoers. In fact, the authorities were fully monitoring the "burner" 'phone's communications. The number of criminals who swallowed the bait stretched into the hundreds, from Colombian cartels to Australian biker gangs.

Among the rogues' gallery were dozens of shady Estonian figures too. The op was, "Pealtnägija" reported, highly intelligent and unprecedentedly wide-reaching covert in nature. However, critics say the American authorities used forbidden methods.

At first glance, the head of the Central Criminal Police's organized crime bureau, Ago Leis, seems to be holding a completely ordinary mobile phone. Actually, this is a modified Google Pixel, and one of about 12,000 phones distributed worldwide as part of the FBI's covert operation, the so-called ANOM phone. Thanks to the tech, authorities in several countries were able to watch, essentially in real time, the planning processes behind the crimes.

This included not only drug trafficking — one of the Estonian examples included counting the money involved in a cocaine deal — and even contract killings.

"This was certainly something new, an innovative solution. Even the American and Australian police, who were involved in the initial phase, have admitted that they did not believe it could propagate globally. It was a brilliant operation on the part of the Americans, and it was a pleasure to take part in it," Leis said.

"They collected everything, absolutely everything. They said that there were 12,000 users, so they collected every single person's message," said "Alex", a seller of the encrypted phones and a Finnish national living in Spain. Alex's face was blurred out, as he noted his family's need for safety, given his actions. He was one of the intermediaries for the encrypted phones and as such an informant.

As of the time the report was filed, more than a thousand people had been charged in various countries thanks to the ANOM data, including 28 people in Estonia. But not only several suspects, also some defense lawyers, say that the huge success of the op rests on illicit methods, including those relating to the presumption of innocence.

"If we look at this in very simple terms, then this was a group of people who were singled out on the basis that they had a device that enabled encrypted communication. On the basis of that information alone, mass surveillance without a concrete suspicion of a specific crime in relation to a specific person could, in our assessment, constitute a violation," said one lawyer "Pealtnägija" spoke to, Elise Altroff.

To understand the scale of the operation and the stakes involved we have to wind the clock back a bit. Conspiring via modern-day communications tech, including with messenger apps like Telegram or WhatsApp, is an integral part of organized crime. In hardware, too, there are several companies offering special encrypted phones, some of them available in Estonia.

"This is how it is today. As early as five to 10 years ago, organized criminals began thinking about how to better hide their activities, and one of the tools became encrypted data-exchange phones, with which it was safe to communicate and to commit crimes, or so they thought," Leis noted.

The FBI in 2018 arrested in the U.S. some of the organizers of one such encrypted phone service, Phantom Secure, declaring those still at large wanted. One of these fugitives made overtures to the FBI in exchange for immunity, however, offering in this poacher-turned-gamekeeper setup to create a similar service for the authority, one that could be used as a bait trap. "He made a deal with the FBI that he can operate with the FBI," "Alex" explained.

"What they did with ANOM was one of those cases where truth is stranger than fiction; I mean, it's like a movie, a movie script: Super-creative, inventive and controversial also," noted YLE investigative journalist Veli-Pekka Hämäläinen.

And so, a new encrypted phone service, ANOM, was born: In actuality part of a covert op, Trojan Shield, overseen from the FBI's San Diego office. Product marketing pointedly stated exactly what it was on the tin: "Built by criminals for criminals," was the tagline.

"The guy who operated it was the puppet, basically, but in the background the FBI was running the company and running the operation," "Alex" went on.

Even ANOM's staff were unaware of the true purpose of the venture, Hämäläinen claimed.

"That meant that no matter who used the device, it unknowingly (from the perspective of the phone's user – ed.) sent a secret copy [of data] to a server that was either directly or indirectly under FBI control," another lawyer, Sander Potisepp, explained.

The first ANOM phones were tested in 2018, not in the FBI's jurisdiction, however, but in Australia, in conjunction with the authorities there. The following year the ANOM server, with the copies of all intercepted communications, was set up in Lithuania. This had the advantage of not being subject to U.S. federal or state law.

"This was likely because in the American legal system itself an operation like this would have been of highly questionable value. They were looking for an opportunity, or another country, where it would be possible to bypass both U.S. law and that of other countries," Altroff noted.

Lithuanian domestic law fitted the bill in terms of not prying too much into the operation. "Obviously they looked for some country who probably knew that they were doing something bad, but whose legislation and legal system would allow it to keep it secret," "Alex" said.

Now, the FBI op was essentially a startup offering criminals an attractive phone deal, while in actuality all the communications were copied to a server in Lithuania, where the FBI obtained them from, with the permission of a local court, and shared them with the authorities in various countries, at its discretion. The beauty of this setup was that ANOM started getting recommended by word-of-mouth, through the underworld grapevine. ANOM even pushed some "competitors" out of the market, it was that convincing.

An ANOM phone gave the appearance of being a usual phone with all the regular apps, but this was just a front. A calculator app allowed the encrypted communication channel to be opened once a PIN had been entered.

"A person who knows nothing about using it would not even know how to access it or configure it. To do that, you had to go into the calculator, create usernames, PIN codes, and so on," Leis explained.

The illusion of secrecy was heightened by the fact that ANOM could not be used to make regular voice calls, which could be tapped: Only to send text and voice messages, as well as images and videos.

"Certain functions were disabled here; you couldn't make video calls or send emails. That security was what was being sold," said Leis. Among other things, there was also a service which allowed content to be deleted remotely if the device fell into the "wrong" hands. These bells and whistles all came with a rather hefty price, though. "These phones were sold for a six-month usage period. The package cost up to 2,000 dollars and they were distributed through criminal networks," Leis added.

"Alex," who says he had no idea he was distributing an FBI-created device, became one of the largest ANOM resellers in Europe. He was reluctant to put exact figures on it, but he brokered hundreds of devices and provided support services, for example the remote deletion of content. He admitted that among his clients were several Estonians, but would not be drawn on further details.

"Well the thing is that if you buy an anonymous phone, I'm not asking your name, I'm not gonna ask you what you do with it; if I would've asked questions: What are you going to use the phone for, and this type of thing – who are you? – that's already gonna break the whole principle of these sales. But the fact is that obviously there were, like, criminals, attorneys, there were people cheating their wives, there was all kinds of people there – politicians too," "Alex" explained.

Leis rejected the idea that the service was used by love-rats, however. "Unfortunately, or fortunately, we have not identified a single lover or any particularly private conversations. In my view, that claim does not hold water," he noted.

According to officials, Estonian authorities were only brought on board in January 2021, when the FBI contacted the Central Criminal Police here and said they had intercepted a large number of ANOM messages which were in Estonian and which might be of interest. These all turned out to be narcotics-related.

"We understood that the conversations were being conducted in Estonian. Without exception, all conversations concerned the drug trade. Some spoke in more coded terms, others more openly, and sometimes photos were also exchanged," said Leis.

The data obtained from the FBI illuminated a drug network headed by Estonian and Finnish criminals who were living on Spain's Costa del Sol. "Pealtnägija" has been granted access to literally tens of thousands of messages that this particular group sent to each other. Since ANOM did not permit voice calls, typing out long messages was apparently sometimes too much effort for the criminals; photos or videos were often used to convey messages instead. These have been quite revealing.

Narcotics themselves, their creation, their concealment among other goods, haggling over prices and keeping accounts — even quarrels and threats, and also the showing off of status symbols and La dolce vita, as it were. ANOM was trusted so much that some users even shared pictures of themselves, or of their documents.

"For the criminal police, this is material worth its weight in gold. A picture speaks more than a thousand words," Leis reflected.

"They did not hold back. They spoke completely freely about who they were, what they did, what crimes they had committed, and what the structures were," confirmed state prosecutor Vahur Verte.

While headed by Estonians and Finns and based out of Spain, the network was much more diverse than that.

"This group is astonishingly international. One day they talked about doing business with Colombians, and the next day they were communicating with people in Moscow. This shows the scale of the global drug trade, and how Estonian organized crime is an important link in that network," Leis added.

"Some of the key figures were Estonian, in the network that brought drugs from Spain or the Netherlands to Finland, and many of the couriers were Estonian, and the middle men, different kinds of, you know, money launderers," Hämäläinen explained.

 State prosecutor Verte, who handled most of the ANOM cases brought to court in Estonia, confirms that a large proportion of the local figures were to various extents already known to the authorities; several were even already under active investigation in the spring of 2021. However, the FBI material that unexpectedly landed in their laps added significant color to the picture. The Estonian and Finnish investigative materials are vast, and involve dozens of figures, but to focus in on two personalities: Gert Raal, who according to police data went under the alias "Mendoza" when using ANOM, and Ario Feldmann, who used the alias "Asus."

Picture the scene: At the end of February 2021, 5 kilograms of cocaine is on its way to Estonia, hidden inside an old Peugeot 308 car. As the criminals suspect that police are already onto them, this car is left parked by the roadside in Riga while they try to figure out how to get the valuable cargo safely through the final straight to Estonia. After days of head-scratching, the gang decide to sell the car to themselves, under fictional identities, and order a trailer in the name of the new owner, which then transports the Peugeot to an empty parking lot by the church in Ambla, a small village around 80 kilometers southeast of Tallinn.

"Five kilos of cocaine is a staggering amount by Estonian standards. We are not talking here about two or three doses, but a potential quantity sufficient to intoxicate tens of thousands of people, and its monetary value is enormous," Verte noted.

Late in the evening of February 27, when the next gang members head to the Ambla church parking lot to pick up the consignment, a dramatic chase with police ensues, which eventually ends in the smugglers being caught. Raal and Feldmann meanwhile pontificate over ANOM about where the guys might have disappeared to. A day later it sinks in that both the men and their goods are gone, and for good. The men then discuss wiping their ANOMs, but do not do so, as they still have no idea their phones are compromised. Raal even states a belief that the detained comrades will opt for the keep-quiet option in the prisoners' dilemma.

The net is closing on the gang, though, and from several directions all at once. More than a hundred kilos of hashish is meanwhile on the way from Spain, via Estonia, to Finland, hidden in and among some cookies. Part of that shipment, according to Finnish police data, belongs to "Mendoza," i.e. Gert Raal. But again a problem arises for them: The load does reach Finland in the first days of March and is unloaded in a warehouse building in Helsinki, but those involved sense danger. Marijuana worth hundreds of thousands is sitting there in the warehouse, but no one ventures to go and collect it.

"When the shipment came to Finland, the authorities instantly arrested two of the couriers, and then the other people started worrying about: 'Look, the drugs are already in the warehouse, but the police have taken two of our men, what should we do now? They're on to us, we need to get the drugs out of the warehouse,' and it's a dramatic and maybe even slightly comical interaction," Hämäläinen described.

In actuality, the warehouse remained under surveillance by Finnish customs, who eventually entered the building and located the narcotics.

There are dozens of similar episodes relating to ANOM in Finland and Estonia alone, but the operation finally was made public in June 2021, after law enforcement agencies in various countries had conducted hundreds of searches and arrested hundreds of people.

"Alex" said his clients did not blame him for the breach. "Not really, because everybody knew that there was risk with these phones. I never said that, you know, it's 100 percent proof, that you have to be careful… there might be some people angry obviously, but you know, it is what it is," he recounted.

Overall, it is estimated that ANOM materials helped uncover about two thousand kilos of smuggled drugs and other crimes in Finland, including the planning of a murder. Figures of Estonian origin have played a central role in several court cases. In Estonia itself, 28 people ended up in court, including a group who had set up a "Breaking Bad"-style underground lab in Poland, which produced around a hundred kilos of amphetamine before being detected. Gert Raal was sentenced to prison and faces additional charges in Finland. Ario Feldmann remains internationally wanted, and is allegedly hiding out in Turkey.

As ever, crime did not pay, Leis said. "This was very painful for them. That is also evidenced in the court proceedings, where the admissibility of evidence was argued all the way to the Supreme Court. It was highly painful."

Lawyer Altroff meanwhile said the end did not always justify the means. "Our aim is not to claim that the objectives of such an operation are not noble or justified, but that does not mean that any means whatsoever may be used to achieve them," Altroff stressed.

The special operation, like something out of the movies, may have proved a wild success in terms of achieving its aims, but according to critics, it also had its dark side. The law firms where Altroff and Potisepp are partners have represented several of the accused, who ended up convicted on the basis of ANOM evidence. They even claim that ANOM evidence should not have been used at all, and took the matter to the Supreme Court in Tartu.

"It can be stated with relative certainty that the main purpose of the entire structure of this operation was precisely to conceal how this evidence was actually collected," Potisepp explained.

According to the lawyers, the FBI is still yet concealing how exactly the ANOM materials were collected, which for them raises questions. Even the Supreme Court considered the case so important that a public hearing was held in October 2024, while at the beginning of the following year, the court ruled that there was no reason to doubt the U.S. authorities, meaning the evidence remains admissible.

"I can only refer to what we have repeatedly asked our U.S. colleagues — that they explain the structure of the operation and confirm that it was carried out in accordance with domestic laws. They have repeatedly done so," Verte explained.

Last fall, however, documents concerning the ANOM operation leaked, relating to communication between U.S. and Lithuanian officials from 2019. According to defense lawyers, these show that the Lithuanian court authorizations underpinning the operation were based on falsehoods. Several major outlets reported on this, including Hämäläinen's.

"It was highly illegal and they tried to hide it, and I think probably they must know what happened, it's not right. This thing, 'oh we broke the law, but we did some good things,' you know — that's like opening a Pandora's box," Hämäläinen argued.

"The fact was concealed from Lithuanian judges that this was a device and server developed by the FBI itself. They were left with the impression that the devices had been developed by some criminal network. The Lithuanians very clearly said which wording could be problematic and which angles should be used so that granting the permit would be viable. So in substance it was a sham," Altroff noted.

Not that this has helped "Alex" all that much. He initially faced more than 20 years in prison in the U.S. and damages claims running into the millions. He reached a plea deal, however, in which he admitted to aiding drug trafficking and money laundering, and in return his prison sentence was limited to three years.

Although the highest courts of several countries have upheld ANOM evidence, defense lawyers believe the uncovered correspondence is a game changer. As a result, at least two Estonian convicts filed complaints with the European courts.

"This should matter because the state must follow the law in the same way as an individual does. If we accept that states circumvent laws or carry out evidence laundering, it will lead to abuses," Altroff stressed.

"This was extremely illegal and they tried to hide it," "Alex" noted. "The public must know what happened. They say they broke the law but did something good — it's like opening Pandora's box."

Prosecutor Verte rejected this, saying: "This is a line of reasoning I do not understand — how would this be fatal to the ordinary person? It is potentially dangerous to think that criminals may engage in international cooperation, but the police, who are supposed to protect citizens, may not."

As is well known, U.S. stock is not running particularly high at the moment when it comes to international media reports and public opinion, and it remains to be seen how the court disputes will end.

Now the tactic is public, criminals are also likely to be highly on their guard for future such sting operations, meaning ANOM and Operation Trojan Shield may end up a one-of-a-kind project.

One thing is certain: The story has legs, and a book has already been written about the ANOM operation, with even a feature film reportedly in the works...

More information on Operation Trojan Shield is available from the FBI's website here.

--

Follow ERR News on Facebook and X and never miss an update!