FBI Used Drive-By-Downloads to Expose Tor Pedophiles

News has emerged that the FBI has been launching drive-by-download attacks in a bid to expose pedophiles using the anonymous Tor platform to hide their activities.

Operation Torpedo was begun back in 2012 but has only recently been revealed through court documents.

The genesis of the operation came when Dutch National High Tech Crime Unit (NHTCU) agents discovered a Tor site called Pedoboard, hosted in Nebraska.

The Feds surveilled the site owner for a year, before arresting him and installing back-doors on the site designed to identify the IP addresses, MAC addresses and Windows hostnames of any computers visiting the site, according to Wired.

The operation bagged the FBI 25 suspects, 14 of whom are now facing trial.

However, despite having been granted warrants for its drive-by-download activity, the FBI has been criticized for concealing its use of so-called “network investigative techniques” (NITs) far beyond the 30-day period allowed by a judge.

Some defendants didn’t find out until a year later, and there are apparently concerns that the Feds may have tricked the judge into allowing what is basically hacking activity by failing to use words like “malware” and “exploit” in the application, according to the report.

Undeterred, the FBI has also been the same technique to target suspected pedophiles using Tor to access sites hosted by the notorious Freedom Hosting.

After that firm’s owner, Eric Eoin Marques, was arrested in 2013, the FBI apparently used a Tor browser exploit to expose the IP address of users visiting pedophile sites hosted by the firm.

This has yet to be confirmed by the Bureau, however, although there are rumors that this NIS operation has already snared innocent Freedom Hosting users too.

Lamar Bailey, director of security R&D at Tripwire, argued the case shows that “you can never truly hide on the internet”.

“This is a very good targeted attack that law enforcement used to discover people who were looking at sites that contained illegal content so they could track them and find their real identities,” he explained.

“The only way for an innocent person to get effected would require them to ‘accidentally’ go to one of these monitored sites.”

What’s Hot on Infosecurity Magazine?