FBI Contracted Former Tor Developer To Create Torsploit Malware

Ever since the Silk Road platform was shut down by law enforcement, people have been wondering if the Tor network was as secure as it is touted to be. As it turns out, a former part-time Tor Project developer helped the FBI in developing the Torsploit malware.

Also read: Is the Bitcoin Community Being Too Harsh on Gavin Andresen?

Matthew Edman And FBI Develop Torsploit

Anonymity software has been a thorn in the eye for law enforcement officials for years now, as these tools are often associated with illegal activities on the internet. Tor, one of the most commonly used forms of anonymity software, allows users to hide their real IP addresses and preserve anonymity on the World Wide Web.

But at the same time, Tor has received a lot of attention from law enforcement. Earlier this year, a judge ruled that the FBI and Carnegie Mellon University worked together in actively breaching the Tor protocol to identify Internet criminals. This shed a whole new light on the anonymity software, as there is very little point in using this software if law enforcement agencies have a backdoor somewhere.

Whether or not that is the case remains a mystery. But that hasn’t kept the FBI from trying alternative solutions to identify Tor users. One of those examples comes in the form of Torsploit, a piece of malware that has effectively aided law enforcement in deanonymizing Tor users and tracking their real IP addresses.

Creating such a malware solution for Tor is not an easy feat, and it turns out one of the former project developers is partially responsible for the creation of Torsploit. After leaving the Tor team in 2009, Matthew Edman was contacted by a defense contractor who worked for the FBI. The purpose of this engagement was to come up with an anti-Tor malware solution.

Matthew Edman also aided in contributing to research papers co-created with the Tor developers, and he helped other members build privacy tools. Moreover, he was one of the lead developers on Vidalia, a project which was put on ice by the Tor leadership in 2013, and later on replaced with other tools for improving overall user experience.

People who have been following security blogs over the past few years may remember the Operation Torpedo sting by the FBI. During this process, law enforcement agents made use of the Torsploit malware to identify deep web users. Additionally, Torsploit also made an appearance during the investigation of a deep web portal offering child pornography.

This malware was deployed through malicious websites showing a Flash video. Users who had Flash enabled in the Tor browser would then be subject to having their real IP address revealed. That information would be forwarded to a server controlled by the FBI, along with a timestamp showing when the site was accessed.

Torsploit has been quite a success for the FBI so far. The Bureau was able to reveal identities of 25 suspects with this malware, 19 of which have been convicted as of press time. This is not the only type of malware deployed by the FBI either, although no official details have been confirmed at this time.

It hardly comes as a surprise to know the FBI does not officially acknowledge their use of Torsploit, claiming how they “lost the source code.” But that hasn’t kept Matthew Edman from continuing his work for the Bureau, according to Darkweb News. In fact, Edman was instrumental in bringing down Silk Road in 2013, as people feel he was responsible for tracing the bitcoin transactions of Ross Ulbricht.

What do you think about the partnership between the FBI and Matthew Edman?

Source: Darkweb News

Images courtesy of Tor, Silk Road, Shutterstock.