Tor Users Hacked
According to reports, Australia’s law enforcement authorities hacked the computers of US Tor users when the Argos taskforce carried out an investigation into a child sexual exploitation website.
In one instance, Australian authorities hacked the computer of a Tor user in Michigan for the purpose of obtaining the IP address of the suspect.
The hacking operation, which was not reported earlier, came to light when certain documents were filed in a US court recently.
This case highlights the fact that law enforcement authorities in countries around the world are hacking computers in foreign locations, raising legal questions as regards the reach of the agencies.
Australian barrister Greg Barns, also a former Australian Lawyers Alliance’s national president who practices human rights and criminal law, reportedly told Motherboard during a telephone conversation that the Australian law enforcement are not authorized to hack computers located in other countries.
Moreover, obtaining IP address of users from the Tor network by the law enforcement authorities amounts to hacking.
The Love Zone
According to the documents filed in the US court, the child abuse website “The Love Zone,” operating on the darknet accessible only using Tor, insisted that users upload content at least once every month so as to maintain their forum access. The Tor hidden site had more than 29,000 members as of July 2014.
The Argos taskforce constituted by the Queensland Police Service to combat crimes related to child exploitation identified the Australian administrator of the pornographic site partly due to the localized greetings he used in his messages.
Argos took over the administrator’s account and operated the site for many months posing as its owner.
As the pornographic website was operated on the darknet, users accessed it through Tor in order to mask their IP addresses.
Though the Argos taskforce members could track the pages visited by Tor users, they could know from where the Tor users accessed the site.
As a result, the Australian authorities hacked the computers to obtain the IP addresses of some of the users who accessed the site through the Tor network.
According to Seth Piccolo’s case document in court, The Love Zone’s proprietors designed the site to ensure user anonymity.
However, the Australian authorities unmasked the users’ IP addresses.
Piccolo who hails from Grand Rapids in Michigan was sentenced to a term of five years in prison last month after he pleaded guilty to distributing and possessing child exploits.
Court documents also describe how the Australian authorities obtained the real IP addresses of Tor users.
After the hack, information on US citizens was handed over to the FBI. Another, The Love Zone case filing suggests that IP addresses of more than 30 US users were sent to the agency.
According to a Justice Department attorneys’ report that was unsealed in March, the users are being currently investigated for accessing, producing, distributing and, receiving child sexual exploitation through the website.
Piccolo’s attorney, Matthew Borgula, said that Australian authorities sent a link to Piccolo and when he clicked on it, investigators received his real IP address.
Australian owner of The Love Zone Shannon McCoole has been sentenced to thirty-five years in jail.
However, legal issues become complicated when the authorities in Australia obtain information about overseas suspects.
Authorities may argue that they can conduct searches on overseas users as the owner of the site is an Australian.
Another argument that could be put forward is that the site was shifted to a server located in Brisbane at some point in time.
Further, the possibility of the Argos taskforce investigating the US citizens with the permission of law enforcement agencies in the US cannot also be ruled out, but there is no evidence to prove this.
Organizations and entities like the Electronic Frontier Foundation have said that discovering the IP addresses of Tor users with the help of a hacking tool amounts to a breach of rights.
However, a number of judges in the US have stated their disagreement to this notion.
They claim that usage of Tor is not protected under the Fourth Amendment.
While I am personally glad that these pedophile scum bags got caught, it highlights how vulnerable Tor can be if you don’t take extra precautions. If you are using Tor to access darkweb markets, like most of our readers, then you should be using a VPN along with Tor. This will minimize the chances of your anonymity and identity being compromised when things like this happen.