People use the Tor anonymity network to protect their privacy, but perhaps as much as half of all the Onion Router sites—and Tor Mail—are potentially compromised . . . and some hackers are pointing the finger of blame at the FBI.
The owner of an Irish company, Freedom Hosting, has allegedly been providing turnkey hosting services for the Darknet, or Deep Web, which is "hidden" and only accessible through Tor .onion and the Firefox browser. The FBI reportedly called Eric Eoin Marques "the largest facilitator of child porn on the planet" and wants to extradite the 28-year-old man. About that time, Freedom Hosting went down; Tor users discovered that someone had used a Firefox zero-day to deliver drive-by-downloads to anyone who accessed a site hosted by Freedom Hosting. Ofir David, of Israeli cybersecurity firm Cyberhat, told Krebs on Security, "Whoever is running this exploit can match any Tor user to his true Internet address, and therefore track down the Tor user."
If you've never visited the Hidden Wiki, then you should be fully aware that if you do, you will see things that can never be unseen. Freedom Hosting maintained servers for "TorMail, long considered the most secure anonymous email operation online," wrote Daily Dot. "Major hacking and fraud forums such as HackBB; large money laundering operations; and the Hidden Wiki, which, until recently, was the de facto encyclopedia of the Dark Net; and virtually all of the most popular child pornography websites on the planet."
"It's very likely that this is being operated by an LEA and not by blackhats," according to analysis by Vlad Tsyrklevich. "It just sends identifying information to some IP in Reston, Virginia," he told Wired. "It's pretty clear that it's FBI or it's some other law enforcement agency that's U.S.-based."
Sign up for CIO Asia eNewsletters.