The method involves one of the FBI hacking into a high-traffic website and then subverts it to deliver malware to every single visitor. Apparently the FBI has been quietly experimenting with drive-by hacks as a way to catch criminal websites hiding behind Tor. More than 12 users of Tor-based child porn sites have been caught by the method and are headed to trial.
Wired notes that while general hacking and the use of malware was not unusual, but what was different was the way that the FBI uses its malware capability, deploying it as a driftnet instead of a fishing line.
The FBI’s system is called “Operation Torpedo” which was first fired in the Netherlands in August 2011. Agents at the National High Tech Crime Unit of the Netherlands’ national police force had decided to crack down on online child porn and wrote a web crawler that scoured the Dark Net, collecting all the Tor onion addresses it could find.
The NHTCU agents systematically visited each of the sites and made a list of those dedicated to child pornography and got a warrant. One of the sites was an American who the FBI monitored for six months to gather a case against all his customers.