Reports show that the FBI’s hacking tool succeeded in cracking Tor and identifying the visitors to a dark web child pornography site.
In fact, the FBI used hacking methods never before seen deployed in order to bring down the clients and owners of one of the largest child pornography sites ever created on the dark web.
Playpen, a bulletin board site launched in August 2014, enabled Internet users to create an account and then upload images of their choice on to the dark web.
As per court documents, the primary purpose of the website was to advertise as well as distribute child pornography.
The dark web refers to the section of the internet that cannot be discovered by conventional means.
Users cannot access this section either through a Google search or by entering the URL of a site.
As the websites remain hidden, they are a safe haven for cyber criminals who created underground marketplaces for selling illicit and banned goods and services, including firearms, narcotics, chemicals and counterfeit goods and services such as hacking.
Many of the dark web activities are carried out using the Tor (The Onion Router) anonymity network which serves to disguise web traffic.
FBI’s Hacking Tool Identifies IP/MAC Addresses
Playpen had as many as 215,000 members, 117,000 posts and traffic of 11,000 unique visitors per week.
On the bulletin board, the FBI identified a number of child abuse images, along with advice on how child sex abusers could potentially avoid online detection.
The FBI seized the computer server that ran Playpen in February 2015.
The server belonged to a web hosting service provider located in Lenoir in North Carolina.
The FBI then decided to host Playpen on its servers in Newington, Virginia, for a period of two more weeks from February 20 to March 4.
The FBI then deployed a hacking tool – network investigative technique (NIT) – and made use of a single warrant to identify 1,300 IP addresses of visitors accessing the website.
These addresses were also traced back to actual individual users. As of now, the investigation has resulted in more than 1,500 cases.
NITs effectively captured the actual IP addresses of user computers and identified the computers’ operating system, architecture, MAC addresses, host name and active operating system username.
The hacking tool then issued a unique identification to each user.
Though the FBI has deployed NITs in the past, the Playpen case was the first time the agency was able to get through Tor.
According to reports, the hacking tool secretly installed a Flash application on the computers of users even though they accessed the bulletin board through Tor and the traffic was encrypted.
The application transmitted key data about the user back to the FBI outside of the Tor network.
It is true that the use of NITs has been instrumental in bringing down child pornographers, but what concerns the American Civil Liberties Union is the fact that the FBI has been able to hack more than 1,000 computers with the help of just one warrant.
The Union wants the public and Congress to evaluate whether NITs should be used by law enforcement at all.