Last year, FBI hackers infiltrated Freedom Hosting, a Dark Net service they called “the largest facilitator of child porn on the planet.” Using techniques borrowed from cybercriminals, the FBI delivered malware to visitors and brought down some of the biggest child-pornography websites of all time.
Freedom Hosting was run on the Tor anonymizing network, which encrypts users’ Internet traffic and bounces it to three so-called nodes around the world, thus hiding the identities and online activity of users. Tor used by a wide range of people including criminals, journalists, and political activists.
The exploit was patched a month before the FBI campaign began, but many Tor users didn’t upgrade to the newest browser nearly soon enough.
“It was really impressive how quickly they took this vulnerability in Firefox and extrapolated it to the Tor browser and planted it on a hidden service,” Andrew Lewman, executive director of the nonprofit Tor Project, told Wired.
As a direct result, new Tor releases now auto-update to avoid similar problems.
Many of the details about the FBI’s drive-by attack remain shrouded in mystery, but the Nov. 2013 arrest of Grant Klein can be traced to FBI malware installed on July 31, 2013.
Klein pleaded guilty and was just sentenced to 12 months and one day in a minimum security prison. He’ll begin serving the sentence in December and will be subject to supervised release for the following ten years. Klein is now a registered sex offender and is being put in a mental health program by the U.S. Probation office.
Eric Eoin Marques, the Irishman accused by the FBI of running Freedom Hosting, is currently fighting an uphill battle against extradition to the United States.
Photo via tup wanders (CC BY 2.0)
Correction: This article previously stated that Klein had been sentenced to two years in prison. That was incorrect. The sentence is one year.