Home » News » FBI Unmasked CP Website User Using A Spyware
Click Here To Hide Tor

FBI Unmasked CP Website User Using A Spyware

Do you remember Luis Escobosa? He has been caught for accessing, using and downloading pictures and media files from different child porn websites. The FBI arrested the Staten Island man last Friday, however, this is not the interesting fact here, it is the case that the FBI has uncovered how have they caught the CP user.

A huge website (PlayPen) with almost 215.000 users has been seized by the FBI March 2015, however, before they finally put the site out of its misery, the feds have loaded spyware on the website and ran PlayPen for a few weeks to track and trace users of the CP site. Luis Escobosa was busted by the FBI using this technology, the man already admitted that he has used these kinds of websites, however, what he did not know is the fact that the FBI was running a hidden server that has been spamming spyware on his computer while using PlayPen.

Spywares have been used for a while by the FBI. The court documents of the Luis Escobosa case do not tell us much information about the whole bust, however, the feds have made a good use of spywares before. According to other cases where NIT (network investigative techniques) were used, court documents state that the software has been developed by a white hat hacker named HD Moore and it was bundled in the Metasploit Decloaking Engine.

The process how the spyware works goes by this: a file, typically a Flash file, is hosted by a seized child porn website, and sent to web browsers when users of the site visit the hidden service via Tor. This Flash file is run in Adobe’s plugin and establishes a direct connection to an FBI-controlled server on the public internet without going through Tor. After these steps have been done, in most cases, the feds can read off the users’ IP addresses and catch the user for using CP websites.

Regarding the case of Luis Escobosa, the spyware reported back he was using a computer in Staten Island via Verizon’s fiber service. After determining his home address from the internet service provider using a subpoena, FBI agents got a search warrant and snatched the man’s computers in late June.

According to investigators, Escobosa thought he kept no copies of illegal content on his PC, but agents found 115 child sex abuse images stored in the thumbnail cache of his Tor browser – plus logs of IRC chats with other users of child porn websites. After he was arrested, Escobosa said nothing and demanded a lawyer, then admitted to the Feds he had surfed websites looking for images containing CP.


  1. Hmmm…

    Yet another reason to be using Tails, I suppose:


    And, isn’t the Tor Browser supposed to wipe its thumbnail cache when exiting? Perhaps the Tor developers need to start using a secure erase when exiting??? But, until then, you Windows CP Dodos probably need to start using CCleaner and setting your Tor browser security settings to maximum!

    • A wagging tail.

      Yeah, in addition to Tails, I would recommend using a flash drive with hardware encryption; just make sure that you can boot from it, and to be safe, buy it directly from a retailer paying in cash. Don’t rely on just that, though. Use a good passphrase for your Tails persistent storage, and within that, have another TrueCrypt container. Three levels of security (flash drive, persistent storage, and TrueCrypt), all with different and varying passprhases which are long (at least 25 characters in the case of Tails & TrueCrypt, but note that TrueCrypt can go all the way up to 65 characters.) For your Tails & TrueCrypt (also note that you’ll need to create your TrueCrypt container using, preferably, another Linux distribution, as Tails has dropped TrueCrypt, but you can still mount TrueCrypt volumes using Cryptsetup within Tails), use Upper & lower case letters, numbers, punctuation characters and at least a few “special” characters at the very top your keyboard! Practice your passphrases often and NEVER write them down, anywhere!! In addition to this, use Tor bridges and anonymous Wi-Fi whenever (and, wherever) possible. And, keep your mouth shut if and when the cops show-up! For US users, “plead the 5th!”; rinse and repeat as necessary, and do NOT believe anything that the cops (especially, the FBI) say to you! They are all liars!!

    • Another low hanging fruit got plucked. The exploit the FBI used required you to have Adobe Flash installed on Tor Browser. You shouldn’t ever have plug ins like that installed on Tor if you want security. Don’t install plug ins if you want to be free of browser exploits while using Tor. If you do the math, most people using Playpen didn’t expose their real IP address to the Feds. So the Playpen bust was another small victory for the Feds.

  2. Not an endeavored saturist of the “establishment”, per say, but CP is a plague, and as any must be expunged. Gallop along and crush the buggas I say.

  3. drug crime long time

    fuck CP, fuck fraud, fuck guns, get all this shit off of the DNMs. all that should be on there are pure drugs- and that’s it. if a DNM starts up that bans everything but that, I’d switch immediately. i hate the thought of enabling these rapists, terrorists and thieves.

  4. Shame on you guys, instead of praising cops for busting these bad people, who abuse children, you are giving ideas how to use encryption and praising FBI has small victory … but guess what good always wins evil had to loose.
    Most importantly GOD will deal with these bad guys who abuse children

Leave a Reply

Your email address will not be published. Required fields are marked *


Captcha: *