Hidden websites fall offline following arrest in Ireland

The websites used the TOR network to provide greater privacy to users and people hosting the sites

A large number of websites shielded by an anonymizing service vanished from the Internet on Saturday, an action that may be linked with an arrest of a man in Ireland.

The websites, which appeared to have been supplied connectivity by Freedom Hosting, were only reachable with a web browser configured to use the TOR (The Onion Router) network. The TOR network randomly routes Internet traffic through a worldwide network of servers that help mask identifying information such as IP addresses.

Freedom Hosting specialized in supplying connectivity for TOR-configured websites and was widely believed to be connected to a man named Eric Eoin Marques. According to the Independent, an Irish publication, Marques appeared in court on Friday in connection with a U.S. extradition request based on four charges filed in Maryland that he allegedly distributed and promoted child pornography.

The newspaper reported that an FBI agent who testified on Friday described the 28-year-old as "the largest facilitator of child porn on the planet." Marques was denied bail and is due to appear in court again on Thursday, the Independent reported. The newspaper did not, however, make a reference to Freedom Hosting.

FBI officials could not be immediately reached on Sunday. Marques' name did not turn up in a search of online U.S. federal criminal court records, although it can take several days for some documents to be filed.

The TOR Project, which oversees TOR's software development, wrote on Sunday that Freedom Hosting is no way connected to The TOR Project itself. Anyone can use TOR to create hidden websites, it said.

"Other organizations run hidden services to protect dissidents, activists, and protect the anonymity of users trying to find help for suicide prevention, domestic violence and abuse-recovery," The TOR Project wrote.

The TOR Project also wrote that it was aware that Freedom Hosting's software may have been exploited, possibly through the Firefox browser.

The project has its own web browser that can be used to visit hidden sites which is based on Firefox 17 ESR (Extended Support Release). The browser supports hidden TOR web addresses, which take a form that look like "http://idnxcnkne4qt76tg.onion/."

"From what is known so far, the breach was used to configure the server in a way that it injects some sort of JavaScript exploit in the web pages delivered to users," The TOR Project wrote. "This exploit is used to load a malware payload to infect users' computers."

Mozilla, the organization behind Firefox, is "actively investigating this information and we will provide additional information when it becomes available," wrote Michael Coates, director of security assurance, in a blog post.

It isn't clear yet how the vulnerability in the browser may be linked to the reported issues at Freedom Hosting and the involvement of law enforcement.

"There are lots of rumors and speculation as to what's happened," The TOR Project wrote. "We're reading the same news and threads you are and don't have any insider information."

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Join the CSO newsletter!

Error: Please check your email address.

Tags The TOR Projectsecurity

More about ESRESRFBIMozilla

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeremy Kirk

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts