Now the technique is being adopted by a different kind of a hacker—the kind with a badge. For the last two years, the FBI has been quietly experimenting with drive-by hacks as a solution to one of law enforcement’s knottiest Internet problems: how to identify and prosecute users of criminal websites hiding behind the powerful Tor anonymity system. They use it themselves, but when their targets hide behind the system, it poses a serious obstacle. Last month, Russia’s government offered a 1,000 bounty for a method to crack Tor. The bureau calls the method an NIT, for “network investigative technique,” and the FBI has been using it since at least 2002 in cases ranging from computer hacking to bomb threats, child porn to extortion. Depending on the deployment, an NIT can be a bulky full-featured backdoor program that gives the government access to your files, location, web history and webcam for a month at a time, or a slim, fleeting wisp of code that sends the FBI your computer’s name and address, and then evaporates. But hidden services are also a mainstay of the nefarious activities carried out on the so-called Dark Net: the home of drug markets, child porn, murder for hire, and a site that does nothing but stream pirated My Little Pony episodes. Law enforcement and intelligence agencies have a love-hate relationship with Tor.
It achieves that by accepting connections from the public Internet—the “clearnet”—encrypting the traffic and bouncing it through a winding series of computers before dumping it back on the web through any of over 1,100 “exit nodes.” The system also supports so-called hidden services—special websites, with addresses ending in .onion, whose physical locations are theoretically untraceable.
Agents at the National High Tech Crime Unit of the Netherlands’ national police force had decided to crack down on online child porn, according to an FBI affidavit.
To that end, they wrote a web crawler that scoured the Dark Net, collecting all the Tor onion addresses it could find.
What’s changed is the way the FBI uses its malware capability, deploying it as a driftnet instead of a fishing line.
And the shift is a direct response to Tor, the powerful anonymity system endorsed by Edward Snowden and the State Department alike.
Critics also worry about mission creep, the weakening of a technology relied on by human rights workers and activists, and the potential for innocent parties to wind up infected with government malware because they visited the wrong website.