FreedomWeb, an Irish company known for providing hosting for Tor "hidden services" — services reached over the Tor anonymized/encrypted network — has shut down after its owner, Eric Eoin Marques, was arrested over allegations that he had facilitated the spread of child pornography. Users of Tor hidden services report that their copies of "Tor Browser" (a modified, locked-down version of Firefox that uses Tor by default) were infected with malicious Javascript that de-anonymized them, and speculate that this may have originated with with FBI. Tor Browser formerly came with Javascript disabled by default, but it was switched back on again recently to make the browser more generally useful. Some are predicting an imminent Bitcoin crash precipitated by the shutdown.

The execution of malicious JavaScript inside the Tor Browser Bundle, perhaps the most commonly used Tor client, comes as a surprise to many users. Previously, the browser disabled JavaScript execution by default for security purposes, however this change was recently reverted by developers in order to make the product more useful for average internet users. As a result, however, the applications has become vastly more vulnerable to attacks such as this…

…We expect there will be a deeper technical analysis of the malware in the coming days as security researchers examine it in greater detail. Since the attack was designed at Firefox for Windows, which the Tor Browser Bundle is based upon, it seems likely that this is not a random occurance, and that the malware is designed specifically designed to compromise the identities of anonymous internet users. Although this would be a victory for the FBI against child pornographers who use the Tor network, it could also mean a serious security breach for international activists and internet users living in repressive states who use the services to practice online free speech.