{"id":56151,"date":"2013-08-06T00:56:48","date_gmt":"2013-08-05T23:56:48","guid":{"rendered":"http:\/\/rinf.com\/alt-news\/breaking-news\/fbi-suspected-in-hacking-anonymity-software-tor-to-arrest-child-porn-suspect\/56151\/"},"modified":"2013-08-06T00:56:48","modified_gmt":"2013-08-05T23:56:48","slug":"fbi-suspected-in-hacking-anonymity-software-tor-to-arrest-child-porn-suspect","status":"publish","type":"post","link":"http:\/\/rinf.com\/alt-news\/breaking-news\/fbi-suspected-in-hacking-anonymity-software-tor-to-arrest-child-porn-suspect\/","title":{"rendered":"FBI suspected in hacking anonymity software Tor to arrest child porn suspect"},"content":{"rendered":"
<\/a><\/div>\n

Security experts have accused US law enforcement of taking advantage of a flaw in the Firefox Internet browser then exploiting it to identify and potentially monitor subscribers to Tor, which shields an individual’s online activity from privacy threats.<\/p>\n

\n A piece of malicious software was launched Sunday morning and
\n appeared to target Firefox users who use a Tor add-on that allows
\n them to browse the Internet without putting their location,
\n communication, and other activities at risk. The malware was also
\n reported on multiple websites affiliated with Freedom Hosting, a
\n web-hosting company favored by customers who wish to remain
\n anonymous.\u00a0\n<\/p>\n

\n The exact origin of the malware attack remains unknown, although
\n the Federal Bureau of Investigation and the National Security
\n Agency are among the chief suspects. When the malware was
\n analyzed, its source was identified as a Virginia server
\n belonging to SAIC, a contractor known to work with multiple
\n government agencies, according to TechDirt.\u00a0\n<\/p>\n

\n \u201cIt just sends identifying information to some IP in Reston,
\n Virginia<\/i>,\u201d reverse-engineer Vlad Tsyrklevich told Wired.
\n \u201cIt\u2019s pretty clear that it\u2019s the FBI or it\u2019s some other law
\n enforcement agency that\u2019s US-based<\/i>.\u201d\u00a0\n<\/p>\n

\n Users who visited Freedom Hosting\u2019s websites while cloaked by the
\n Tor Browsing Bundle were targeted for identification, possibly
\n because of Freedom Hosting\u2019s known willingness to look the other
\n way when nefarious activity sprouted on company-protected
\n networks.\n<\/p>\n

\n The malware and site outages come just days after the arrest of
\n Eric Eoin Marques in Ireland. The 28-year-old is expected to be
\n extradited from Dublin to Washington DC after the FBI claims he
\n used Freedom Hosting to become \u201cthe largest facilitator of
\n child porn on the planet<\/i>.\u201d Marques is alleged to be behind
\n Freedom Hosting, which first made headlines in 2011 when the
\n Anonymous hacker collective launched a
\n distributed-denial-of-service (DDoS) attack against sites
\n depicting child porn.\u00a0
\n <\/p>\n<\/p>\n

\n Tor \u2014 an acronym for \u201cThe Onion Router\u201d \u2014 was quick to distance
\n itself from Freedom Hosting after Marques\u2019 arrest, issuing a
\n statement on its official blog saying \u201cthe persons who run
\n Freedom Hosting are in no way affiliated or connected to the Tor
\n Project Inc, the organizations coordinating the development of
\n the Tor software and research<\/i>.\u201d \u00a0\n<\/p>\n

\n \u201cAnyone can run hidden services, and many do<\/i>,\u201d the
\n statement read. \u201cOrganizations run hidden services to protect
\n dissidents, activists, and protect the anonymity of users trying
\n to find help for suicide prevention, domestic violence, and abuse
\n recovery<\/i>.\u201d\n<\/p>\n

\n The Tor blog post went on to warn that, while the script was a
\n threat to Firefox users, the malware only targeted users with an
\n old version of the browser.\u00a0\n<\/p>\n

\n \u201cThe malware payload could be trying to exploit potential bugs
\n in Firefox 17 ESR, on which our Tor Browser is based. We\u2019re
\n investigating these bugs and will fix them if we can<\/i>.\u201d\u00a0\n<\/p>\n

\n While the FBI reportedly sought Marques for more than a year, the
\n Bureau is known to have drastically increased its use of malware
\n in recent years. Agents first began using a computer and Internet
\n protocol address verifier, known as CIPAV, in 2007 to infiltrate
\n a suspect\u2019s computer, capture the data, and send that information
\n back to FBI servers in Virginia.\u00a0\n<\/p>\n

\n Seven years ago Wired reported that CIPAV gathered information
\n including \u201cthe computer’s IP address; MAC address; open ports;
\n a list of running programs; the operating system type, version
\n and serial number; preferred internet browser and version; the
\n computer’s registered owner and registered company name; the
\n current logged-in user name and the last-visited URL<\/i>.\u201d\n<\/p>\n

\n Since then, the FBI has hired former hackers to monitor users\u2019
\n key-logs, even capable of turning on a mobile phone\u2019s microphone
\n from Virginia. They have also requested court permission to
\n override an individual\u2019s phone or computer camera in order to
\n snap pictures of a suspect. Judges have consistently denied such
\n requests by citing the possibility innocent people would be
\n snared in an all-encompassing dragnet, a situation with an eerie
\n similarity to what could happen on anonymous Tor networks.\n<\/p>\n

Republished from: RT<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Security experts have accused US law enforcement of taking advantage of a flaw in the Firefox Internet browser then exploiting it to identify and potentially monitor subscribers to Tor, which shields an individual’s online activity from privacy threats. A piece of malicious software was launched Sunday morning and appeared to target Firefox users who use […]<\/p>\n","protected":false},"author":1,"featured_media":56152,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[487],"tags":[],"class_list":{"0":"post-56151","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-breaking-news"},"_links":{"self":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts\/56151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/comments?post=56151"}],"version-history":[{"count":0,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/posts\/56151\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/media\/56152"}],"wp:attachment":[{"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/media?parent=56151"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/categories?post=56151"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/rinf.com\/alt-news\/wp-json\/wp\/v2\/tags?post=56151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}