Operation Torpedo
   HOME

TheInfoList



OR:

Operation Torpedo was a 2011 operation in which the
Federal Bureau of Investigation The Federal Bureau of Investigation (FBI) is the domestic Intelligence agency, intelligence and Security agency, security service of the United States and Federal law enforcement in the United States, its principal federal law enforcement ag ...
(FBI) compromised three different hidden services hosting
child pornography Child pornography (also abbreviated as CP, also called child porn or kiddie porn, and child sexual abuse material, known by the acronym CSAM (underscoring that children can not be deemed willing participants under law)), is Eroticism, erotic ma ...
, which would then target anyone who happened to access them using a
network investigative technique Network Investigative Technique (NIT) is a form of malware (or hacking) employed by the FBI since at least 2002. It is a drive-by download computer program designed to provide access to a computer. Controversies Its usage has raised both Fourth ...
(NIT).


Investigation History

The operation started after Dutch law enforcement compromised a hidden service called Pedoboard, and found it was physically located at a Nebraska web hosting company. The ensuing FBI investigation found that an employee, Aaron McGrath, was operating two child pornography sites at his work and one at his home. After a year of surveillance, the FBI arrested McGrath and took control of his three sites (PedoBoard, PedoBook, TB2) for a two-week period starting in November 2012.


Methodology

The FBI seized access to the web sites after his arrest and continued to run them for a two week period. During this time the websites (onion services) were modified to serve up a NIT in what is termed a " watering hole attack", which would attempt to unmask visitors by revealing their IP address, operating system and web browser. The NIT code was revealed as part of the case ''USA v Cottom et al''. Researchers from
University of Nebraska at Kearney The University of Nebraska at Kearney (UNK) is a campus of the public University of Nebraska system and located in Kearney, Nebraska. It was founded in 1905 as the Nebraska State Normal School at Kearney. History In March 1903 the Nebraska S ...
and
Dakota State University Dakota State University (DSU) is a public university in Madison, South Dakota, United States. The school was founded in 1881 as a normal school, or teacher training school. Education is still the university's heritage mission, but a signatur ...
reviewed the NIT code and found that it was an
Adobe Flash Adobe Flash (formerly Macromedia Flash and FutureSplash) is a mostly discontinuedAlthough it is discontinued by Adobe Inc., for the Chinese market it is developed by Zhongcheng and for the international enterprise market it is developed by Ha ...
application that would ping a user's real IP address back to an FBI controlled server, rather than routing their traffic through the
Tor network Tor is a free overlay network for enabling anonymous communication. It is built on free and open-source software run by over seven thousand volunteer-operated relays worldwide, as well as by millions of users who route their Internet traffic ...
and protecting their identity. It used a technique from
Metasploit The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company, Rapid7. ...
's "decloaking engine" and only affected users who had not updated their Tor web browser. An investigation by ''
The Daily Dot ''The Daily Dot'' is a digital media company covering the culture of the Internet and the World Wide Web. It was founded by Nicholas White in 2011, and is headquartered in Austin, Texas. The site, conceived as the Internet's "hometown newsp ...
'' claimed that the NIT was created by former part-time employee of
The Tor Project The Tor Project, Inc. is a 501(c)(3) research-education nonprofit organization based in Winchester, Massachusetts. It is founded by computer scientists Roger Dingledine, Nick Mathewson, and five others. The Tor Project is primarily responsibl ...
and Vidalia developer Matthew Edman and was internally known as "Cornhusker".


Results

The NIT was successful in revealing approximately 25 domestic users as well as numerous foreign users. The
U.S. Department of Justice The United States Department of Justice (DOJ), also known as the Justice Department, is a federal executive department of the U.S. government that oversees the domestic enforcement of federal laws and the administration of justice. It is equi ...
noted in December 2015 that besides McGrath, 18 users in the United States had been convicted as a result of the operation. One user caught by the NIT had accessed the site for only nine minutes and had since wiped his computer, yet a month-later police search of his home and digital devices found—through
digital forensics Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery, investigation, examination, and analysis of material found in digital devices, often in relation to mobile devices and com ...
—image thumbnails indicating past presence of downloaded child pornography, as well as text instructions on accessing and downloading child pornography. Another user was unmasked through his messages with an undercover FBI agent, and this user turned out to be Timothy DeFoggi, who was at that time the acting director of cybersecurity at the
U.S. Department of Health and Human Services The United States Department of Health and Human Services (HHS) is a cabinet-level executive branch department of the US federal government created to protect the health of the US people and providing essential human services. Its motto is "Im ...
.


See also

* Freedom Hosting * Operation Pacifier
List of U.S. Cases


References

{{DEFAULTSORT:Torpedo, Operation Dark web 2011 in American law
Torpedo A modern torpedo is an underwater ranged weapon launched above or below the water surface, self-propelled towards a target, with an explosive warhead designed to detonate either on contact with or in proximity to the target. Historically, such ...
Tor (anonymity network) Cybercrime Law enforcement operations against child pornography Digital forensics