Tor-targeted malware traced to FBI
Some hacker appeared to be using custom-made malware to identify its users. But according to Wired's sources, this was no hacker. It was the FBI.
This is particularly concerning for privacy advocates, because the whole purpose of Tor is to hide the identities of users.
Tor conceals users' geographic information by routing connections through servers around the world, and although it's sometimes used for illicit purposes, it's also used by folks like political dissidents who need to protect their identities for their own safety.
Whoever did the hacking exploited a security flaw in Firefox and identified users on websites hosted by Freedom Hosting.
The telltale signs of an FBI operation are embedded in the details of the hack itself. First of all, the malware's origins were traced back to Reston, Virginia, just a few miles from FBI headquarters.
And rather than breaking into these websites and building a backdoor so that it could steal usernames and passwords like hackers are wont to do in these kinds of situations, the malware spotted over the weekend simply identified the users on the site in what can be best described as evidence-gathering.
Furthermore, this particular line of investigation makes particular sense after last Thursday's arrest of child porn kingpin Eric Eoin Marques in Ireland.
Freedom Hosting is somewhat infamous for being a favourite destination for child porn-loving sickos, infamous enough that Anonymous actually targeting the hosting service in 2011 for allegedly hosting illicit material.
So if the FBI was participating an investigation related to Marques and his potential contacts in the United States, Freedom Hosting is an obvious place to look.
So you're probably feeling a little torn.
On one hand, it's not very cool for government agencies to break into anonymous networks and start cherry-picking users. Sort of takes all the fun out of the anonymous part of anonymity.
On the other hand, however, child porn is awful. If indeed it is the FBI breaking into Tor, and the agency's trying to bring down more child porn kingpins, then who are we to judge?
Well, nobody's doing any judging here. What we are doing is observing yet another chapter in a growing volume of government creeping in on the privacy of unsuspecting Americans.
Now we're learning that it's not just the NSA either but many government agencies that want to keep track of what you're doing when nobody's looking.
So now the FBI is potentially hacking into our Anonymous network and stomping the anonymity right out of it? What's next, some crazy tool that can tell the Feds exactly what we're saying and doing at all times online?
Oh wait, that already exists.