- Miss USA thought everyone spoke English—and the internet is not amused Thursday 8:02 PM
- Kanye’s Twitter tirade prompts apology from Drake Thursday 6:00 PM
- Listen to Pitbull cover Toto’s ‘Africa’ for the ‘Aquaman’ soundtrack—or don’t Thursday 4:55 PM
- Nancy Pelosi’s coat is the meme the resistance needed Thursday 4:39 PM
- Oprah says what was really on her mind while she ate bland chicken Thursday 4:00 PM
- Democrats predicted to go in on net neutrality when they take House Thursday 3:33 PM
- Holland Tunnel decorations are a real nightmare before Christmas Thursday 2:12 PM
- Amazon still won’t say whether ICE uses its facial recognition tech Thursday 1:13 PM
- Ninja to host Thursday Night Football Thursday 12:00 PM
- How to stream the NFL’s Week 15 for free Thursday 12:00 PM
- An undecorated room sets off a debate on Twitter Thursday 11:42 AM
- Netflix announces Taylor Swift ‘Reputation’ concert film Thursday 11:29 AM
- People are making memes out of these ‘leaked’ ‘Sonic the Hedgehog’ posters Thursday 11:12 AM
- How to watch the Liga MX final between Club América and Cruz Azul online for free Thursday 10:38 AM
- Parents shocked by KKK costumes in school play Thursday 10:11 AM
Drug case in Ireland has fingerprints of Carnegie Mellon’s attack on Tor
Did the FBI share CMU’s methods with Irish police?
Two Irish men arrested for drug charges may be the latest known case of law enforcement using Carnegie Mellon University’s sophisticated research to crack the Tor anonymity network.
At least two criminal cases rely on data that researchers at CMU’s Software Engineering Institute provided to the FBI: that of a suspected staffer to the online black market Silk Road 2.0, and an alleged pedophile.
That list may have just expanded.
Newly released evidence shows that Irish detectives who worked the case of two convicted drug dealers may have also used data obtained through SEI’s methods.
On Monday, Neil Mannion, 34, and Richard O’Connor, 24, were jailed for possession of LSD, amphetamine, and cannabis resin with intent to supply. They were arrested back in October 2014 after a raid on a property in Dublin.
Mannion, whom presiding Judge Martin Nolan deemed the “brains of the operation,” received six-and-half years in prison, while O’Connor received three years.
Little information is available on how these two men were caught. But according to the Irish Times, a detective working on the case told the court that Mannion was placed under surveillance “after receiving confidential information about a computer IP address.”
Interestingly, that is the same sort of information that led to the arrests of other Dark Net crime suspects. In November, legal documents revealed that a “university-based research institute” had provided IP addresses to the FBI. Experts already suspected CMU of being involved in attacks on the Tor network during January and June 2014. Shortly after the news of a research institute’s involvement broke, the Tor Project, the nonprofit that maintains the Tor software, claimed that the FBI paid researchers CMU’s SEI $1 million for the information.
Previously, the Tor browser had been widely praised as a relatively safe way for anyone to hide their Internet presence and activities. Former National Security Agency contractor Edward Snowden, who in 2013 leaked a cache of classified NSA documents to journalists while on the run from the U.S., had touted its use.
The mere presence of IP address evidence alone is not enough to link the case of Mannion with the attack on Tor over a year earlier. But other details point to the bust of the Irishmen being dependent on information obtained by CMU’s SEI.
Firstly, Mannion and O’Connor were arrested on Nov. 5, 2014, according to a database of Dark Net arrests created by independent researcher Gwern Branwen. That’s the same day that the owner of Silk Road 2.0, the replacement for the infamous drug marketplace Silk Road, was arrested. The IP addresses of Silk Road 2.0 were provided to the FBI by a “source of information,” according to a search warrant in another case impacted by the attack on Tor, which court documents later confirmed was a university-based research institute.
The shuttering of Silk Road 2.0 was part of Operation Onymous, a multi-agency effort that also seized a number of other Dark Net sites.
Brendan English, a spokesperson for the Irish police, confirmed to the Daily Dot that the arrests of Mannion and O’Connor were also part of Operation Onymous. But he said “we are not in a position to comment” when asked about where the IP addresses provided to Irish authorities came from. The FBI declined to comment.
Regardless, the FBI’s source of information also provided the agency with 78 individual IP addresses that accessed the vendor section of Silk Road 2.0, according to the same search warrant. The vendor section of the site was, naturally, only supposed to be known to, and accessed by, those selling products on the marketplace. Thus, Mannion was, presumably, a regular visitor to this section of the site, as he is a confessed Dark Net drug dealer.
Although the evidence is largely circumstantial, the most likely way Irish investigators obtained the IP address of Mannion was via the work of CMU’s SEI. But only as more information about current cases becomes available, and charges are brought forward to other individuals, can the full extent of the attack on Tor be realized.
Illustration by Jason Reed
Joseph Cox reports on cybercrime and hacking for Vice's Motherboard site. He also maintains Spy Tech Exports on Medium, a repository for documents and data pertaining to surveillance technology. His work has also appeared on HuffPost, the MIT Technology Review, the Daily Beast, and Virus Bulletin.