Child abuse sites on ‘hidden internet’ compromised by malware

A service accused of helping to distribute pictures of child abuse on the ‘hidden Internet’ has been compromised.

Websites using service provider Freedom Hosting to post material up have had code added to their pages, which could help reveal the identities of people visiting them.

Freedom Hosting delivers sites via Tor, which is designed to keep web activity anonymous.

It does this by sending web traffic through numerous encrypted layers to hide the traces of activity which prove useful in a police investigation.

There are also websites which use Tor’s .onion suffix. But over the weekend Tor users complained that sites using the network had gone offline simultaneously.

The breach is believed to have reconfigured the software behind Freedom Hosting to insert a Javascript-like exploit in the web pages, which is then able to load malware onto the computers of the sites’ visitors.

There are claims that the design of the code used to bug the Tor network suggests a US law enforcement agency is behind it.

Freedom Hosting’s terms and conditions state that illegal activities are not allowed on the sites it supports, but that it is notresponsible for users’ actions.

Analysis of the breach suggests it takes advantage of a vulnerability in Firefox 17, it is reported, which means people using that browser could be identified.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing