Nytro Posted August 7, 2014 Report Posted August 7, 2014 [h=1]FBI infected PCs on a large scale to persecute alleged criminals[/h]by paganinip on August 7th, 2014 [h=2]A report disclosed by Wired suggests that the FBI is using a malware to identify Tor users by infecting machines on a large scale.[/h] It’s not a mystery that usage of the Tor network represents a problem for investigators of law enforcement agencies and for government entities that need to track users on the popular anonymizing network. Last year the FBI dismantled the Tor hosting service Freedom Hosting in a large scale investigation on child pornography. FBI used a malicious code able to exploit a Firefox Zero-day for Firefox 17 version that allowed it to track Tor users. The malware implants a tracking cookie which fingerprinted suspects through a specific external server. The exploit is based on a Javascript that is a tiny Windows executable hidden in a variable dubbed “Magneto”. Magneto code looks up the victim’s Windows hostname and MAC address and sends the information back to the FBI Virginia server exposing the victims’s real IP address. The script sends back the data with a standard HTTP web request outside the Tor Network. Articol: FBI infected PCs on a large scale to persecute alleged criminals | Security Affairs Quote
