The FBI's 'Unprecedented' Hacking Campaign Targeted Over a Thousand Computers

Weird

3rd-Eye Jedi
Veteran
Not that I disagree with persecution of child crimes but it is an illustration of the false safety of Tor and the dark web



https://motherboard.vice.com/read/t...g-campaign-targeted-over-a-thousand-computers



In the summer of 2015, two men from New York were charged with online child pornography crimes. The site the men allegedly visited was a Tor hidden service, which supposedly would protect the identity of its users and server location. What made the case stand out was that the Federal Bureau of Investigation (FBI) had used a hacking tool to identify the IP addresses of the individuals.
The case received some media attention, and snippets of information about other, related arrests started to spring up as the year went on. But only now is the true extent of the FBI’s bulk hacking campaign coming to light.
In order to fight what it has called one of the largest child pornography sites on the dark web, the FBI hacked over a thousand computers, according to court documents reviewed by Motherboard and interviews with legal parties involved.
“This kind of operation is simply unprecedented,” Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU), told Motherboard in a phone interview.
A new bulletin board site on the dark web was launched in August 2014, on which users could sign up and then upload whatever images they wanted. According to court documents, the site's primary purpose was “the advertisement and distribution of child pornography.” Documents in another case would later confirm that the site was called “Playpen.”
Just a month after launch, Playpen had nearly 60,000 member accounts. By the following year, this number had ballooned to almost 215,000, with over 117,000 total posts, and an average of 11,000 unique visitors each week. Many of those posts, according to FBI testimony, contained some of the most extreme child abuse imagery one could imagine, and others included advice on how sexual abusers could avoid detection online.
An FBI complaint described the site as “the largest remaining known child pornography hidden service in the world.”

A section of one of the complaints involved in the Playpen investigation, showing that 1300 true IP addresses were obtained.

A month before this peak, in February 2015, the computer server running Playpen was seized by law enforcement from a web host in Lenoir, North Carolina, according to a complaint filed against Peter Ferrell, one of the accused in New York. (Data hosts in Lenoir contacted by Motherboard declined to comment. One of them, CentriLogic, wrote “We have no comment on the matter referenced by you. Our obligations to customers and law enforcement preclude us from responding to your inquiry.”)
But after Playpen was seized, it wasn't immediately closed down, unlike previous dark web sites that have been shuttered by law enforcement. Instead, the FBI ran Playpen from its own servers in Newington, Virginia, from February 20 to March 4, reads a complaint filed against a defendant in Utah. During this time, the FBI deployed what is known as a network investigative technique (NIT), the agency's term for a hacking tool.
While Playpen was being run out of a server in Virginia, and the hacking tool was infecting targets, “approximately 1300 true internet protocol (IP) addresses were identified during this time,” according to the same complaint.
The legal counsel for one of the accused believes that the number of eventual cases may even be slightly higher.
“Fifteen-hundred or so of these cases are going to end up getting filed out of the same, underlying investigation,” Colin Fieman, a federal public defender handling several of the related cases, told Motherboard in a phone interview. Fieman, who is representing Jay Michaud, a Vancouver teacher arrested in July 2015, said his estimate comes from what “we've seen in terms of the discovery.”
“There will probably be an escalating stream of these [cases] in the next six months or so,” Fieman added. “There is going to be a lot in the pipeline.”
Fieman has three cases pending in his defenders office, he said. According to court documents, charges have also been filed against defendants in Connecticut, Massachusetts, Illinois, New York, New Jersey, Florida, Utah, and Wisconsin.
In court filings, Fieman describes the use of this broad NIT as an “extraordinary expansion of government surveillance and its use of illegal search methods on a massive scale.”
NITs come in all sorts of different forms, and have been used since at least 2002. Malware has been delivered to bomb threat suspects via phishing emails, and the FBI has also taken over hosting services and surreptitiously exploited a known bug in Firefox to identify users connecting with the Tor Browser Bundle.
In 2011, “Operation Torpedo” was launched, which saw the agency place an NIT on the servers of three different hidden services hosting child pornography, which would then target anyone who happened to access them. The NIT used a Flash application that would ping a user's real IP address back to an FBI controlled server, rather than routing their traffic through the Tor network and protecting their identity.
When WIRED reported on that operation in 2014, “over a dozen alleged users of Tor-based child porn sites” were headed for trial. And within a two-week period, the FBI reportedly collected IP addresses for at least 25 of the site's US visitors.
But the case of Playpen appears to be much, much broader in scope.

A section of an affidavit in support of application for a search warrant, as part of the Playpen case, showing what sort of data the NIT sent to the FBI.

“We're not talking about searching one or two computers. We're talking about the government hacking thousands of computers, pursuant to a single warrant,” said Soghoian, the ACLU technologist.
With earlier cases, the FBI's broad NIT attacks had used already known and patched vulnerabilities. But because the Tor Browser Bundle had no auto-update mechanism in August 2013—around the time of one of the FBI's attacks—only those users who bothered or remembered to patch their systems were safe. Evidentially, some people forgot.
The same might be true of the Playpen NIT: automatic updates to the Tor Browser Bundle were introduced in August 2015, months after the FBI had already obtained over a thousand IP addresses.
“There is no public information revealing whether or not the FBI used a zero-day in this case, or an exploit that targeted a known flaw,” Soghoian said.
Some clues about the Playpen NIT exist however. The NIT is likely different to the one used in Operation Torpedo because according to court filings that one is “no longer in use.” As for how the Playpen NIT operates, it’s not totally clear exactly how it was deployed, but the warrant allowed for anyone who logged into the site to be hacked.
“Basically, if you visited the homepage, and started to sign up for a membership, or started to log in, the warrant authorised deployment of the NIT,” Fieman said. From here, the NIT would send a target's IP address, a unique identifier generated by the NIT, the operating system running on the computer and its architecture, information about whether the NIT had already been deployed to the same computer, the computer's Host Name, operating system username, and the computer's MAC address.
Experts say that the true nature of NITs—that is, as powerful hacking tools—is kept from judges when law enforcement ask for authorisation to deploy them.
“Although the application for the NIT in this case isn't public, applications for NITs in other cases are,” said Soghoian. “Time and time again, we have seen the Department of Justice is very vague in the application they're filing. They don't make it clear to judges what they're actually seeking to do. They don't talk about exploiting browser flaws, they don't use the word 'hack.'”
“And even if judges know what they're authorizing, there remain serious questions about whether judges can lawfully approve hacking at such scale,” Soghoian added.
Magistrate Judge Theresa C. Buchanan in the Eastern District of Virginia, who signed the warrant used for the NIT, did not respond to questions on whether she understood that the warrant would grant the power to hack anyone who signed up to Playpen, or whether she consulted technical experts before signing it, and her office said not to expect a reply.
But Fieman said that the warrant “effectively authorizes an unlimited number of searches, against unidentified targets, anywhere in the world.”
While Soghoian warned about what this scale of hacking may signal for the future of policing. “This is a scary new frontier of surveillance, and we should not be heading in this direction without public debate, and without Congress carefully evaluating whether these kind of techniques should be used by law enforcement,” he said.
The FBI did not provide a response in time for publication.
Plenty of questions remain about this law enforcement hacking operation, such as the exact wording used in the authorisation for the NIT, the technical aspects of the NIT itself, and how many computers were targeted outside of the United States.
The UK's National Crime Agency (NCA), which often receives intelligence from the FBI, told Motherboard in a statement that "The NCA does not routinely confirm or deny the receipt of specific intelligence for reasons of operational security. We work closely with international partners both in law enforcement and industry to share intelligence and work collaboratively to bring those involved in the sexual exploitation of children to account." Europol, Europe’s law enforcement agency, did not respond to a request for comment.
Regardless, in taking down one of the biggest dark web child pornography sites, the FBI also engaged in likely the largest law enforcement hacking campaign to date.
 

ChaosCatalunya

5.2 club is now 8.1 club...
Veteran
Ever since the Greeks got frustrated with conventional methods of entering Troy, subterfuge has been popular and I very much doubt that they invented the idea.

It came out a while ago that the feds were specifically looking at people who were detected using Tor, the best minds and hackers around work for the spooks, I know one who was caught fucking about on the darkside who now spends most of his time tracking paedophiles for them, or was the last time we spoke. I would be shocked if he and his friends were not more focused on Islamic extremism now and that includes the partial compromising of Tor. Personally I would bet cash that they are far more advanced than we already know.

During the Falklands war Argentina's military was using encrypted comms gifted from their friends the US, NSA, the Americans handed the British the backdoor key and thus the crucial ability to spy on all the Argentine comms, and a decisive advantage in the War.

Understand how they work, how they have always worked. Leopards do not change their spots.
 

CoCoSativas

Active member
Good I'm glad they can catch pedophiles no matter what. Sorry Tor users it doesn't protect you but stamping out child porn is bigger than you so you guys will just have to be like the rest of us. There's always pretended to be somewhere legal. I think many overblown it, I doubt the cops even look on here and if they do how do they choose a target in their area? Lol I admit to being in Canada all the time but I'm located in a city with more than a million...

Honestly I don't care if they have to hack every thing that blinks and beeps to stop child abuse. It's fucked up. They should just shoot them when they get caught or go sit them in old sparkies lap for a nice cuddly shocker..

I honestly don't like that tor allows people the ability to run wild with no way to stop child porn. Until now... the writing was on the wall when they caught dpr gee the thing they made that's supposed to make you a ghost isn't 100%, give it enough time the brilliant minds that dreamed it up will piece a way to reverse it and then tor will just be a really slow and shitty browser
 

SoufLondon

Active member
I buy weed and concentrates from various dark-web sites occasionally. I hope that unmasking tor users is not that easy.

Surely there is a better way to stop child abuse?

I hate the feeling of zero privacy which we are expected to accept as the norm.

There's always some nobhead(s) ruining it for everyone else
 
TOR has been compromised from the beginning, it was made by the U.S. navy for encrypted communication.

Even just searching TOR on Google will get you flagged by the NSA.

I wouldn't trust TOR. If the government wants you they will get you.
 

Weird

3rd-Eye Jedi
Veteran
Good I'm glad they can catch pedophiles no matter what. Sorry Tor users it doesn't protect you but stamping out child porn is bigger than you so you guys will just have to be like the rest of us. There's always pretended to be somewhere legal. I think many overblown it, I doubt the cops even look on here and if they do how do they choose a target in their area? Lol I admit to being in Canada all the time but I'm located in a city with more than a million...

Honestly I don't care if they have to hack every thing that blinks and beeps to stop child abuse. It's fucked up. They should just shoot them when they get caught or go sit them in old sparkies lap for a nice cuddly shocker..

I honestly don't like that tor allows people the ability to run wild with no way to stop child porn. Until now... the writing was on the wall when they caught dpr gee the thing they made that's supposed to make you a ghost isn't 100%, give it enough time the brilliant minds that dreamed it up will piece a way to reverse it and then tor will just be a really slow and shitty browser

Sites are only as safe as the operators, and how safe is anyone who is a predator of people?

It is important for people to understand the internet adds a complexity that if not understood, isn't completely safe.

Not too hard for them to do that to sites say hosted in illegal states in America for instance?
 

Weird

3rd-Eye Jedi
Veteran
I don't expect people to feel bad for pedophiles but it's a great way to let privacy rights become compromised for people who are doing lesser non violent no victim crimes like cannabis
 

VonBudí

ヾ(⌐■_■)ノ
Veteran
I don't expect people to feel bad for pedophiles but it's a great way to let privacy rights become compromised for people who are doing lesser non violent no victim crimes like cannabis

indeed



how did they find the Carolina server?

By the following year, this number had ballooned to almost 215,000, with over 117,000 total posts, and an average of 11,000 unique visitors each week
11,000 pedos a week and they're celebrating catching 1300?

is opsec not more to blame than tor faults?
 

Mate Dave

Propagator
ICMag Donor
Veteran
You have to assume that if you are online or have a mobile these days you're hacked. If they care or not that is something else..

Mobiles have had 'tracers' on them @ source and have since the 90's your computer and speakers can be microphones..

Who's done a bug sweep on their properties lately?
 

Lester Beans

Frequent Flyer
Veteran
I can't believe there are 11,000 creeps out there who dig that crap. I second the motion to shoot the fuckers once proven guilty. Preying on a child is about as sick as a human being can be. Gross, glad they caught the scumbags.
 

7thson

Member
I read that 1 in 4 kids get abused, (sexually) I have a real sick feeling, that that number is higher. 1 in 4, my God, that is high! Do the math.

I wish I had the power to stop all this.
 

Rumblefish

Member
About 8 years ago there was a push to filter the Internet here in Australia, 2007 saw a government elected with a mandate to do so on the guise of stamping out internet pedo sites, IC mag was one of the first places blocked by this attempt to filter so called pedo porn sites, within weeks the list of 2000 sites that were being blocked was circulated, supposedly it was hacked, regardless there was not a single child abuse site listed on that list, eventually this filter idea was abandoned as they finally woke up to the fact that there was always another way to get around their filtering.... attack child porn for sure I'm in favor of that but it gets used as a way of rallying support from the masses to give up their privacy because it's become a situation where if you're not in favor of it you have a cloud of suspicion hanging over your head... in essence they use child abuse as a tool! not as noble as they make out, governments only feed you what's in their interest to do so. Rf
 
SooperSmurph

Am I the only one who read "Playpen" and thought that was a Hustleresque porn magazine from the 90s?
 

stoned-trout

if it smells like fish
Veteran
the net ain't safe for you if they spend the time and money looking for ya....I don't care what programs you use....yeehaw
 