Irish man arrested as 'the largest facilitator of child porn on the planet'

Reports suggest a co-ordinated attack by the FBI that took down some of the world's most well-hidden illegal websites

A 28-year old Irish man described by the FBI as “the largest facilitator of child porn on the planet” is facing extradition to the US. This follows news of a co-ordinated attack apparently carried by American law enforcement on hidden internet servers thought to host images of child abuse.

Eric Eoin Marques has both US and Irish citizenship and was arrested on a Maryland warrant for charges of ‘distributing and promoting child pornography on the internet’.

The Independent of Ireland reports that the content involved was “described as being extremely violent, graphic and depicting the rape and torture of pre-pubescent children.” Marques has not been the subject of a police inquiry prior to these charges and faces prison time of up to 30 years if convicted.

Marques is known to be heavily involved in the Tor network (a system of servers and protocols that anonymises internet use) and is also the alleged founder of Freedom Hosting; a company that many claimed provided webhosting services for the web’s most notorious sites, sponsoring all manner of illegal activity from hacking to the drug trade.

Freedom Hosting was well known for its lax approach to illegal material, with the company warning customers that whilst they shouldn’t upload such content to their servers “if you chose to do so anyway, we are not responsible for your actions.”

On Saturday morning at approximately 6:40am ET websites registered with the company were shut down simultaneously. The Daily Dot reports that those sites that did come back online were infected with Javascript code that sent users’ login details to an unknown location.

Whilst it’s not been confirmed whether the attack on Freedom Hosting and the subsequent insertion of code was organised by US law enforcement, the methods are the same as those previously used by the FBI.

 Similarly, the absence of malicious code from the Javascript eplxoit and the the timing of the arrest of Marques (news of which broke on the web shortly after the websites were taken down) strongly suggest a co-ordinated operation.

to.jpg

 

What is Tor and how is it involved?

Tor, or The Onion Router, is in no way connected to Marques' business, and have sought to distance themselves from Freedom Hosting on several occasions. Many companies use Tor’s protocols to offer ‘hidden services’ and Freedom Hosting is simply the largest and most well-known.

“Anyone can run hidden services, and many do,” say Tor. “Other organizations run hidden services to protect dissidents, activists, and protect the anonymity of users trying to find help for suicide prevention, domestic violence, and abuse-recovery.”

“Whistleblowers and journalists use hidden services to exchange information in a secure and anonymous way and publish critical information in a way that is not easily traced back to them. The New Yorker's Strongbox is one public example.”

Using Tor stops intelligence organizations from performing ‘traffic analysis’ on individuals – tracking who they talk to and when, as well as tracking behaviour and interests. This is similar to the ‘metadata’ collected by government intelligence agencies such as GCHQ and the NSA.

Tor essentially re-routes your data through a series of points, creating a complicated and diffuse ‘path’ through the internet that is extremely difficult to follow.

Reports suggest that Freedom Hosting was compromised through an exploit in the Tor Browser Bundle – a plugin for the Firefox that provides an easy introduction to the service. It’s not yet known how widespread the exploit is, or whether it compromises the activity of journalists and activists who might rely on Tor for their safety.

Speaking to The Independent, a spokesperson for Tor said: "In the larger picture, the Tor Browser is a piece of software. All software has bugs and will continue to do so for the foreseeable future. We believe that currently released versions of Tor Browser are safe from this specific malware attack. We'll have a security advisory out soon explaining the details."

Comments