According to a report on vice motherboard – The Federal Bureau of Investigation since the summer of 2015 has been upping the ante in its attempts to shutdown illegal pornography sites, primarily sites sharing child porn. But to what extent is the FBI permitted to go out with hack campaigns against Tor Dark Net websites.
In New York, two men were criminally charged in connection with an FBI investigation of a child pornography website. These two were just a couple of the 200,000+ users this site maintained in its databases. Both men were charged with knowingly possessing such porn.
Justice may be shutting down these websites and arresting pedophiles and other dangerous people but the FBI tactics are unprecedented and raising some questions about their legality, including using a hacking tool that revealed the IP addresses of these two individuals, when the Tor site was hidden from revealing any personal information.
At the time of the arrests in the summer of 2015, some attention was given to the crimes and the tactics the FBI used to bring down these criminals. As a result also, some news attention was given to other arrests made, including one in Vancouver. However, only now is the truth behind the full campaign surfacing.
In order to take down a site like this on the dark web, the FBI needed to hack thousands of computers across the country. According to court documents recently reviewed, this was an operation of wide scale proportion.
Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU) said by phone interview that “this kind of operation is simply unprecedented.”
The illegal site in question was “Playpen,” a site that launched in August 2014, with a bulletin board on the dark web requesting users sign up and upload any image. The court described this as the main tactic for “the advertisement and distribution of child pornography.”
With over 60,000 new user accounts in less than a month, the site became a huge success for trafficking illegal material, including child pornography. The site at the time of its closing was bloated with 215,000 users, 117,000 total posts and an average of 11,000 unique visits per week. Unfortunately, the posts made were illicit and extreme abuse of children in the form of pornographic imagery. Additionally to the photography, advice columns were set up on the board to teach sexual abusers tactics to avoid detection while online.
Playpen was described by the FBI as the “largest remaining known child pornography hidden service in the world.” And amidst the hacking campaign approximately 1300 true IP addresses were identified prior to the seizure of the website in February 2015.
After its immediate seizure, it still was not shut down, remaining open on the dark web, unlike other sites the FBI have successfully shut down permanently, like Silk Road. Between February 20 and March 4, the FBI went and distributed their hacking tool, known as a network investigative technique (NIT). Playpen was running from its server in Virginia, and the hacking tool continued to infect targets, close to the 1300 IP addresses stated by the court.
There could very well be many more addresses that the FBI hacked but none of come to the surface at this time.
A federal public defender and counsel for the accused child abuser teacher in Vancouver, suggested there could be hundreds more, that would simply be filed under the same investigation.
“There will probably be an escalating stream of these [cases] in the next six months or so,” Colin Fieman said. “[This is what we can estimate from what] we’ve seen in terms of the discovery.”
Fieman has three cases pending on this investigation, and according to the court, there are charges being made in New York and New Jersey, Connecticut and Massachusetts, Illinois and Wisconsin, Florida, and Utah.
Fieman is arguing that the use of a broader NIT is an “extraordinary expansion of government surveillance and its use of illegal search methods on a massive scale.” He is arguing that regardless of the charges, his clients’ arrests were based on illegal means.
The Magistrate Judge who signed the warrant for the use of NIT, Theresa C. Buchanan of the Eastern District of Virginia, did not respond when questioned if she knew the warrant would grant the FBI the ability to hack any user of Playpen, and did not respond when questioned about her understanding of the technicalities of the NIT’s abilities.
NITs have existed for many years and have been in the form of malware or other exploitable web browsing bugs. It is not uncommon for any judge to sign a warrant for its use therefore, because there is judicial precedent. NIT use has been successful in the FBI bringing down illegal dark web sites.
But the question is the legality and complete understanding of their use, especially by the judges who sign off on the warrants.
Fieman is hoping to prove that such a warrant by a judge “effectively authorizes an unlimited number of searches, against unidentified targets, anywhere in the world,” and use this to defend his clients.
He continued saying that “basically, if you visited the homepage, and started to sign up for a membership, or started to log in, the warrant authorized deployment of the NIT [on these potential users’ computers and IPs].”
The warrant did not detail how the NIT was to be deployed, but rather that it could simply be deployed in order to hack the users on the Playpen site.
Fieman will go to great lengths to defend his clients and if the NIT proves to be done illegally, he may win his cases.
However, questions continue to loom, making it unclear if anything was illegal at all. The exact wording of the warrant and authorization still remain unknown for the NIT itself, and the exact number of hacked computers targeted outside of the United States remains disclosed.
This may be one of the most successful dark web take downs for the FBI in its history. How it was done, however, may remain a mystery, while thousands of individuals will be tried with child pornography charges.