This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

FBI takeover of Tor server leads to arrest

Share this article:

The testimony of an FBI agent against 28-year-old Irishman Eric Marques – arrested and charged with distributing child pornography online via the anonymous Tor network – all but confirmed that the FBI was involved in exploiting a Firefox vulnerability that aided in the investigation.

With charges originating in the United States, Marques – said to be a dual citizen of Ireland and the United States, and the world's largest-ever distributor of child pornography via his Freedom Hosting service – is awaiting an extradition hearing after being denied bail in high court on Thursday, according to reports.

During the proceedings, FBI Supervisory Special Agent Brooke Donahue testified that the FBI seized control of Freedom Hosting sometime in July, according to reports.

Authorities were blocked shortly thereafter when Marques changed the Freedom Hosting access credentials, Donahue was reported as saying, but the FBI agent explained that control was regained in early August, around the time Marques was charged and arrested and Freedom Hosting services went down.

Donahue insisted bail be rejected for Marques because the 28-year-old is a flight risk and due to concerns he would compromise the FBI investigation by attempting to contact co-conspirators, according to reports.

“He was looking to engage in financial transactions with another hosting company in Russia,” Donahue said, according to the Irish Independent. “My suspicion is he was trying to look for a place to reside to make it the most difficult to be extradited to the US.”

An FBI spokesperson could not respond to a query from SCMagazine.com and an indictment has yet to be unsealed against Marques, so the methods used by the FBI to take over Freedom Hosting servers remains to be seen.

American authorities were already at the heart of the conjecture as soon as Freedom Hosting services were downed and an FBI extradition request went out for Marques in early August.

Those investigating and discussing the incident online via forums and social media noted that malware introduced into the Tor network via a Firefox vulnerability could gather locations of users and forward that information to an IP address belonging to a Verizon business in Virginia.

Shortly after, Baneki Privacy Labs, an activist project, traced the IP space used in the exploit back to the National Security Agency's (NSA) Autonomous Systems. The NSA's mass data collection apparatus Prism has been a controversial topic since Edward Snowden blew the whistle on it in May.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Microsoft warns on yet another zero-day security flaw

Microsoft warns on yet another zero-day security flaw

Microsoft has warned Windows users about a zero-day security issue with malicious PowerPoint documents being emailed to recipients. The software giant is working on a patch for the problem.

Google launches FIDO-compliant 2FA USB key for Chrome and Gmail

Google launches FIDO-compliant 2FA USB key for Chrome ...

Google has souped up its two-factor authentication (2FA) login process with the launch of Security Key, a physical USB that only works after verifying the login site is truly a ...

Evolving TorrentLocker ransomware generating big money

Evolving TorrentLocker ransomware generating big money

The TorrentLocker ransomware has returned with a vengeance and is starting to bring in big money for its operators.