
FBI takeover of Tor server leads to arrest


The testimony of an FBI agent against 28-year-old Irishman Eric Marques – arrested and charged with distributing child pornography online via the anonymous Tor network – all but confirmed that the FBI was involved in exploiting a Firefox vulnerability that aided in the investigation.

With charges originating in the United States, Marques – said to be a dual citizen of Ireland and the United States, and the world's largest-ever distributor of child pornography via his Freedom Hosting service – is awaiting an extradition hearing after being denied bail in high court on Thursday, according to reports.

During the proceedings, FBI Supervisory Special Agent Brooke Donahue testified that the FBI seized control of Freedom Hosting sometime in July, according to reports.

Authorities were blocked shortly thereafter when Marques changed the Freedom Hosting access credentials, Donahue was reported as saying, but the FBI agent explained that control was regained in early August, around the time Marques was charged and arrested and Freedom Hosting services went down.

Donahue insisted bail be rejected for Marques because the 28-year-old is a flight risk and due to concerns he would compromise the FBI investigation by attempting to contact co-conspirators, according to reports.

“He was looking to engage in financial transactions with another hosting company in Russia,” Donahue said, according to the Irish Independent. “My suspicion is he was trying to look for a place to reside to make it the most difficult to be extradited to the US.”

An FBI spokesperson could not respond to a query from SCMagazine.com and an indictment has yet to be unsealed against Marques, so the methods used by the FBI to take over Freedom Hosting servers remain to be seen.

American authorities were already at the heart of the conjecture as soon as Freedom Hosting services were downed and an FBI extradition request went out for Marques in early August.

Those investigating and discussing the incident online via forums and social media noted that malware introduced into the Tor network via a Firefox vulnerability could gather locations of users and forward that information to an IP address belonging to a Verizon business in Virginia.

Shortly after, Baneki Privacy Labs, an activist project, traced the IP space used in the exploit back to the National Security Agency's (NSA) Autonomous Systems. The NSA's mass data collection apparatus Prism has been a controversial topic since Edward Snowden blew the whistle on it in May.
