Former US government cyber security chief used Tor to trawl for paedophile images

FBI put malware onto websites only accessible on Tor to identify and track criminals using Tor

A former US government cyber security chief has been convicted on child-rape pornography charges after being monitored by the FBI in an operation targeting users of Tor, the free software that enables internet users to surf the internet anonymously.

Timothy DeFoggi, 56, was previously the acting head of cyber security at the US Department of Health and Human Services. A government document also listed him as the head of "OS IT Security Operations" and suggested the he reported directly to the department's chief information-security officer.

The operation that caught DeFoggi, dubbed Operation Torpedo, was initiated by the Dutch National High Tech Crime Unit (NHTC), whose agents discovered a Tor site called "Pedoboard" that was hosted in Nebraska, according to a Wired report earlier this month. The sites operated as hidden URLs that cannot normally be traced to the physical location where they are hosted.

The FBI monitored the site and others owned by Aaron McGrath for a year, and then arrested him. In order to track down other users, it continued to operate the site for weeks afterwards from an FBI office, taking down IP addresses of visitors along with incriminating evidence.

The FBI installed malware remotely on the machines of visitors of McGrath's websites which could identify computers' IP addresses, as well as its MAC addresses, directly identifying PCs' networking cards, and other identifying data.

The malware and other FBI techniques "successfully revealed the true IP addresses of approximately 25 domestic users who accessed the sites (a small handful of domestic suspects were identified through other means, and numerous foreign-based suspect IPs were also identified)", prosecutors wrote in a court document.

The websites were then shut down, and 25 suspects were arrested, with 14 facing trial. DeFoggi was the sixth user to be caught as result of the operation, which began in 2012.

He not only exchanged and accessed child porn but "even suggested meeting one member in person to fulfil their mutual fantasies to violently rape and murder children", according to the US Justice Department.

Despite support for the FBI's techniques to catch paedophiles, privacy campaigners are also worried that the US government is using these same back-door techniques for other reasons - effectively monitoring the use of Tor by everyday citizens, perhaps without a legitimate reason to do so.