Skip to content
July 1, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • News
  • Technology
  • FBI arrests CEO Phantom who sold customized BlackBerry to Sinaloa drug trafficking group
  • Technology

FBI arrests CEO Phantom who sold customized BlackBerry to Sinaloa drug trafficking group

Do Son March 13, 2018 3 minutes read
Add as a preferred
source on Google

According to motherboard reports, over the years, some companies have specialized in the sale of encrypted mobile phones, customized BlackBerrys, and Android machines. In some cases, cameras and microphones have been removed and security information can only be sent through private networks. It is alleged that some companies mainly provide services for criminal organizations.

According to the latest court records and informed sources, the FBI has now arrested one of the most well known of these companies, Phantom Secure. Sources said that the FBI’s Phantom operation was conducted in cooperation with Canadian and Australian authorities.

A lawsuit filed in southern California on Thursday accused Vincent Ramos, Phantom’s founder, and CEO, of conspiring to commit corporate fraud, plotting drugs, and teaching others. According to the court’s decision, Ramos was arrested on the same day. Crucially, the lawsuit alleges that Ramos and his company Phantom not only simply committed crimes, but that its existence was meant to facilitate criminal activities.

Nicholas Cheviron, an FBI special agent, pointed out that even the notorious Sinaloa drug trafficking group had used Phantom equipment, and the “top members” of transnational criminal groups have all purchased Phantom’s mobile phones. According to another informed source, these devices are sold in Mexico, Cuba, and Venezuela, and the Hells Angels gang is also one of its services. Cheviron estimates that about 20,000 Phantom devices are used worldwide. Nearly half of them are in Australia, which brings Phantom’s company millions of dollars in revenue.

In addition to removing the microphones and cameras in the BlackBerry, Phantom will also remove GPS navigation, Internet browsing, and regular SMS services inside. After that, they will install a software called Pretty Good Privacy (PGP) to send encrypted messages and send them via an overseas server. At the same time, Phantom can also remotely clear data from devices detained by the authorities.

In order to find Phantom’s criminal evidence, the RCMP acted as a drug dealer and purchased Phantom’s equipment. After that, RCMP asked the company whether there was a safe route for sending information such as “Making Ecstasy to Montreal.” The latter responded that it was “acceptable”. Later, RCMP pretended to arrest a suspect who had used the Phantom device and asked Phantom to remotely clear the data. After that, RCMP undercover agents continued to expand their operations and in February 2017 they even met with Ramos in Las Vegas. Unknowing Ramos told the undercover police that they also made equipment specifically for drug dealers.

In the past few years, law enforcement agencies have won several criminal-oriented organizations that sell encrypted phones. In 2016, the Dutch police arrested Ennetcom holders, allegedly killers, drug dealers, and other serious criminals are the objects of their services. In 2017, the Dutch authorities also dismantled PGP Sure, which specializes in providing services for criminal activities.

Source: motherboard.vice.com

Related coverage

  • DHS is testing Symbiote – a biotechnology laboratory security technology
  • Misleading AI Headlines: Google Discover Testing Rewrites That Distort News Facts
  • Massive Payout: Meta Coughs Up $1.4 Billion in Facial Recognition Settlement
  • Trump Unleashes “AI Action Plan”: Deregulation Push, “Ideological Bias” Crackdown & Federal Lands for Data Centers
  • Trump Extends TikTok’s U.S. Deadline by 75 Days to Secure American Buyer

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: Blackberry CEO Phantom fbi

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-8037CVSS 9.6
    OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to...
    Admin intel📅 Updated: Jul 1, 2026
  • CVE-2026-48558CVSS 10.0
    SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
    Admin intelCISA KEV📅 Added to KEV: Jun 29, 2026📅 Updated: Jun 29, 2026
  • CVE-2026-46817CVSS 9.8
    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
    Admin intel📅 Updated: Jun 29, 2026
  • CVE-2026-28496CVSS 9.4
    FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
    Admin intel📅 Updated: Jun 25, 2026
  • CVE-2026-12569
    A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
    CISA KEV📅 Added to KEV: Jun 25, 2026
  • CVE-2025-67038CVSS 9.8
    An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
    CISA KEV📅 Added to KEV: Jun 23, 2026
  • CVE-2026-34908CVSS 10.0
    A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
    CISA KEV📅 Added to KEV: Jun 23, 2026
  • CVE-2026-34909CVSS 10.0
    A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
    CISA KEV📅 Added to KEV: Jun 23, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-34117CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34116CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34115CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34114CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34113CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34112CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34111CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34110CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34109CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
  • CVE-2026-34108CVSS 9.8
    Guardian language-system passes the id GET parameter directly into a PHP exec()...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.