Do you think that using anonymity software like Tor will protect your online presence from spies?
A new spyware has been developed by the FBI, having the ability to track and catch the suspects of child pornography even if they are using Tor to access, view and download sexually explicit images of children.
For those who are not aware, back in February the FBI agents managed to seize servers, located in North Carolina, that were being used by child porn websites to host abusive content. But because those websites had more than 200,000 paedophiles, instead of shutting down those servers, FBI agents decided to infect the servers with spyware and continued to operate it for around two weeks to catch those infringing the laws.
It is evident that the FBI has been using Network Investigation Technique (NIT) for more than a decade now, which is termed as a spyware. According to the investigation documents released by The Register, the Federal investigation team infected the website’s pages with the Metasploit Decloacking Engine, a tool developed by a white hat hacker HD Moore.
The deployment of NIT was necessary because the website visitors were using Tor to access the websites due to which the server’s log did not comprise any details about the visitors except for the nodes of the anonymizing network.
Exploiting The Vulnerability In Tor Web Browser
We all are aware of a fact that Tor is one of the most reliable anonymizing application. And if you have personally used this web browser then you must have awareness that it does not recommend you to install and enable Adobe Flash plugin and is disabled by default because enabling it will ultimately reveal your identity.
The reason why Flash plugin reveals the identity is that in most of the cases instead of using Tor protocol to establish a connection for Flash based content, the plugin establishes a direct connection to the server.
FBI agent exploited this vulnerability to transmit spyware to the targeted victim through Flash-based content and then tracked them down using NIT.
Using this same technique, the web spying team of the Federal Bureau of Investigation (FBI) has recently managed to catch a US based paedophile named Luis Escobosa who is living in Staten Island state of the New York city. He was caught using the Tor anonymity software to download abusive material related to child pornography from the Internet.
FBI found 70 indecent images of three girls aged between 5 and 8 in his PC
The paedophile, Escobosa, did not know that the Federal law enforcement organization themselves were running a hidden Dark-Web server to serve him child pornography content as bait to transmit a spyware onto his computer in an attempt to reveal his identities such as the real IP address and then ultimately tracked down his location.
FBI agents are actively using NIT to spy on suspects who are violating the US laws through Tor anonymising networks and then track them to bring them to justice.
In the past, a similar operation was conducted by a hacker who used TOX ransomware to target paedophiles. The hacker was able to infect around 1000 child predators.