Just a few days back, Tor made a difficult announcement that an attack on its system likely exposed its users of anonymity. Now, a new report from Wired suggests that the FBI has been running a malware campaign to identify Tor users by infecting their computers for years on a large scale.
FBI USES DRIVE-BY HACKING TO TRACK USERS
Tor is generally thought to be a place where users come online to hide their activities and remain anonymous, but a court case has revealed an opposite story. FBI has been using a tactic called drive-by hacking to track computers using the Tor anonymous computing system.
Security researchers call the tactic a “drive-by download” in which a hacker infiltrates a high-traffic website to deliver the malware to large swaths of visitors. That simply means that the FBI first infects the target sites and then installs malware to tracks its users.
PARTICULARLY TARGETING DARKNET WEBSITES
Under the Operation Torpedo, the FBI agents are using drive-by hacking particularly to track users on the Dark Net, hidden websites that are only accessible through Tor anonymity network. These dark websites usually deal in serious activity like drugs, child porn and murder contracts.
Like the 2012 case of Aaron McGrath, who was found hosting child pornography websites on a network of servers in Nebraska. After obtaining legal warrants to track certain individuals accessing McGrath's servers, the FBI agents infected servers with tracking malware to identify the root IP of anyone who visited the website.
As a result, the FBI were successful in tracking the IP address of as many as 25 individuals in this case. To the FBI’s credit, it has owned up to these techniques in the past and tracked users across Tor before.
YOU MIGHT BE IN DANGER IF USING TOR
This sophisticated use of tracking malware comes out to be a great tool to help law enforcement find and arrest the terrible criminals. But, in past we had seen some evidence that the FBI is tracking innocent users of Tor anonymity network, as well.
Many are worried about this tracking tactic that is also used to track people legally visiting other suspicious sites like researchers or human rights workers.
“You could easily imagine them using this same technology on everyone who visits a jihadi forum, for example,” the ACLU technologist Chris Soghoian told Wired. “And there are lots of legitimate reasons for someone to visit a jihadi forum: research, journalism, lawyers defending a case. ACLU attorneys read Inspire Magazine, not because we are particularly interested in the material, but we need to cite stuff in briefs.”
Nobody is sure whether the innocent Tor users are targeted in this so-called Operation Torpedo, but the FBI agents are expected to use these drive-by download tools in near future as well. As they don’t have to reveal exactly what they are doing, just because of the fact that they’re hacking only into the unsuspecting Americans’ computers is going to be unnoticed by the judges.
The ACLU is also worried that judges issuing the legal search warrants to the FBI which make these tracking malware attacks legal, don't fully understand the technology. In fact, the search warrants for the Operation Torpedo, didn't actually contain the word like malware anywhere.
So, if you are also the one to use Tor to legally access potentially dangerous sites, no matter for what purpose you are there - THE FBI HAS AN EYE ON YOU.