306px-Tor-logo-2011-flat.svg

Tor Websites Down As Alleged Freedom Hosting Admin Arrested For Child Porn Distribution

Evidence suggests hackers employed by the FBI managed to track some Tor users

On by Max Smolaks 4

Scores of “darknet” websites and services remain inaccessible following the arrest of an Irish man believed to be the head of Freedom Hosting, the biggest service provider on the anonymous Tor network.

The FBI has accused Eric Eoin Marques of facilitating child pornography distribution. If he is extradited to the US, he could spend up to 30 years in prison.

Marques is expected to appear in Ireland’s High Court on Thursday, reports The Independent in Ireland. He was identified as a result of a cyber attack on Freedom Hosting, which had also configured the servers to spread the infection.

Hacking in the name of the law

Tor is a free encrypted network that conceals a user’s location or Internet use from anyone conducting network surveillance or traffic analysis. It hosts a variety of content from news and secure communication services to things like The Hidden Wiki, a collection of illegal instructions and manuals.

Firma VFreedom Hosting is one of the largest and most known Tor service providers. It has been linked to all manner of criminal activity, including websites dedicated to child abuse and the infamous Silk Road, an online illegal drug marketplace.

Marques, a 28 year-old Dublin resident with no previous convictions, has been described by the FBI as “the largest facilitator of child porn on the planet”. Besides Freedom Hosting, he is also alleged to be involved with encrypted email service Tormail and Bitcoin exchange Onionbank. The FBI has been hunting the man responsible for Freedom Hosting for the last 12 months.

Several sources suggest Marques was identified and tracked using a JavaScript exploit in the Tor Browser Bundle, which is based on Firefox 17 browser.

“The current news indicates that someone has exploited the software behind Freedom Hosting. From what is known so far, the breach was used to configure the server in a way that it injects some sort of JavaScript exploit in the web pages delivered to users. This exploit is used to load a malware payload to infect user’s computers,” explained Andrew Lewman, executive director of the Tor project.

“The malware payload could be trying to exploit potential bugs in Firefox 17 ESR, on which our Tor Browser is based. We’re investigating these bugs and will fix them if we can,” he added.

“We are actively investigating this information and we will provide additional information when it becomes available,” commented Michael Coates, director of security assurance at Mozilla.

Ofir David, head of intelligence at Israeli cybersecurity firm Cyberhat, told researcher Brian Krebs it looks like the exploit was used to identify not just Marques, but also other users of Freedom Hosting, and record their true IP addresses.

”Because this payload does not download or execute any secondary backdoor or commands it’s very likely that this is being operated by a [law enforcement agency] and not by blackhats,” suggested Vlad Tsyrklevich, the man who reverse-engineered the exploit.

What do you know about crime and punishment in the digital age? Take our quiz!

Max Smolaks
Author: Max Smolaks
Reporter
Max Smolaks Max Smolaks Max Smolaks

White Papers

Techweekeurope for mobile devices
Android-App Google Currents App for iOS

Last comment




4 replies to Tor Websites Down As Alleged Freedom Hosting Admin Arrested For Child Porn Distribution

  • On August 6, 2013 at 4:11 am by Jeffrey Lamb

    All you alphabet soup agencies are psychopaths. You make up charges against innocent people. If you can’t win fair and square, don’t play the fucking game, losers !

  • On August 6, 2013 at 12:12 pm by brian M

    Interesting it looks as though the US authorities have been illegally hacking computers in another sovereign nation to obtain this information.

    Maybe the Irish authorities should consider a request for the extradition of the head of the FBI or the US President for facilitating the computer crimes?

  • On August 6, 2013 at 2:14 pm by Bibby

    Anybody who thinks that this was about catching this guy or child porn has their head up their butt.

    Tormail accounts were on those servers. Hope you were using PGP.

  • On August 9, 2013 at 12:00 pm by Glenn

    The USA seems to be going down in flames. The CIA seems to have taken what it has been doing to other nations and turned its guns on the USA.

    Democracy will soon be lost.

    A house divided against itself cannot stand.

    Snowden was a patriot! He stood up to a corrupt government.

    Now comes down his hosts.

    It is sad that the nation of the free is running to enslave the world and itself as well.

Leave a Reply

  • Required fields are marked *,
    Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>