Freedom Hosting

Last updated
Freedom Hosting
Freedom Hosting Tor.jpg
Type of site
 Web hosting provider
Founder(s) Eric Eoin Marques
Users Half of all Tor sites. [1]
Written in PHP

Freedom Hosting was a Tor specialist web hosting service that was established in 2008. At its height in August 2013, it was the largest Tor web host. [2]

Contents

Anonymous denial-of-service attack

In 2011, Anonymous launched Operation Darknet, an anti-child pornography effort against activities on the dark web. One of the largest sites, Lolita City, hosted by Freedom Hosting, [3] was subject to a denial-of-service attack (DDoS), and later had its member list leaked following an SQL injection attack, as was The Hidden Wiki which linked to it. [4]

Federal investigation

News reports linked a Firefox browser vulnerability to a United States Federal Bureau of Investigation (FBI) operation targeting Freedom Hosting's owner, Eric Eoin Marques. In August 2013, it was discovered that the Firefox browsers in many older versions of the Tor Browser Bundle were vulnerable to a JavaScript attack, as NoScript was not enabled by default. [5] This attack was being exploited to send users' MAC and IP addresses and Windows computer names to the attackers. [6] [7] [8] [ self-published source? ] The FBI acknowledged they were responsible for the attack in a 12 September 2013 court filing in Dublin; [9] further technical details from a training presentation leaked by Edward Snowden showed that the codename for the exploit was EgotisticalGiraffe. [10]

The site was founded and administered by an American-Irish citizen, Eric Eoin Marques (born April 29, 1985), who was born in New York City to an Irish mother and a Brazilian-born Portuguese father who worked as a successful architect. [11] [12] He had been referred to a psychiatrist as a young teenager with no specific diagnosis made. [13] He was described as timid and anti-social, and had failed to complete school. [12] In 2005, Marques started a business named Host Ultra with his father before dissolving it in 2011. [12] [11] His father had justified the large amounts of money Marques made by claiming he worked at a bank. [12]

Marques was arrested in Ireland on 1 August 2013, on a provisional extradition warrant issued by a United States court on the 29th of July that year. [14] [15] The FBI sought to extradite Marques to Maryland on four charges — distributing, conspiring to distribute, and advertising child pornography  — as well as aiding and abetting advertising of child pornography. The warrant alleges that Marques was "the largest facilitator of child porn on the planet". [16] [17] His attorneys fought for several years to prevent his extradition to the United States on the grounds that he had Asperger's syndrome and would not receive the appropriate care in a US prison if extradited. [18] [19] In December 2016, the Irish Court of Appeal ruled the extradition should proceed. [20] This was not the end of his appeal process, however, and his lawyers announced they would make a new appeal to the Supreme Court. This appeal was dismissed by the Irish Supreme Court on 20 March 2019. [21] Marques faced life in prison if tried and convicted in the United States. [22] On 6 February 2020, Marques pleaded guilty to one count of conspiracy to advertise child abuse images, as part of a plea agreement that would entail a prison term of 15 to 21 years. [23] [24] On 6 September 2021, Marques was sentenced to 27 years imprisonment and ordered to forfeit over $154,000. [25] [26]

Notable hosted sites

Successor

After the closure of Freedom Hosting, a new service, Freedom Hosting II, was created. In 2017, it ran 20 percent of all websites on the Tor network. [30] It was taken permanently offline later in 2017 during a coordinated hacking attack. [31] [32]

Related Research Articles

<span class="mw-page-title-main">Cybercrime</span> Type of crime based in computer networks

Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.

Ransomware is a type of cryptovirological malware that permanently blocks access to the victim's personal data unless a ransom is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem, and difficult-to-trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. Hacks looking for specific information may only attack users coming from a specific IP address. This also makes the hacks harder to detect and research. The name is derived from predators in the natural world, who wait for an opportunity to attack their prey near watering holes.

<span class="mw-page-title-main">Tor (network)</span> Free and open-source anonymity network based on onion routing

Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic via a free, worldwide volunteer overlay network that consists of more than seven thousand relays.

<span class="mw-page-title-main">The Hidden Wiki</span> Defunct Tor wiki

The Hidden Wiki was a dark web MediaWiki wiki operating as a Tor hidden service that could be anonymously edited after registering on the site. The main page served as a directory of links to other .onion sites.

<span class="mw-page-title-main">Tor Mail</span> Defunct Tor email service

Tor Mail was a Tor hidden service that went offline in August 2013 after an FBI raid on Freedom Hosting. The service allowed users to send and receive email anonymously to email addresses inside and outside the Tor network.

<span class="mw-page-title-main">Lolita City</span> Defunct child pornography website

Lolita City was a child pornography website that used hidden services available through the Tor network. The site hosted images and videos of underage males and females ranging up to 17 years of age. The website was hosted by Freedom Hosting, a defunct Tor-based web hosting provider.

The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

<span class="mw-page-title-main">Tor Ekeland</span> American lawyer

Tor Bernhard Ekeland is a New York City based computer, trial and appellate lawyer. He is best known for representing hackers prosecuted under the Computer Fraud and Abuse Act ("CFAA"), as well as white-collar defendants, in federal criminal court and on appeal across the United States.

<span class="mw-page-title-main">Doxbin (darknet)</span> Defunct document sharing website

Doxbin was an onion service. It was a pastebin primarily used by people posting personal data of any person of interest.

<span class="mw-page-title-main">Dark0de</span>

dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date". The site, which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, stolen personally identifiable information, credit card information, hacked server credentials, and other illicit goods and services.

HackBB was a Tor hidden service Internet forum specializing in buying stolen credit cards, skimming ATMs, and hacking computers, servers and accounts. The site was often a destination for hacked and stolen data dumps. At some point the site was hosted by Tor hosting company Freedom Hosting.

<span class="mw-page-title-main">Carding (fraud)</span> Crime involving the trafficking of credit card data

Carding is a term of the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.

Network Investigative Technique, or NIT, is a form of malware employed by the FBI since at least 2002. It is a drive-by download computer program designed to provide access to a computer.

Operation Torpedo was a 2011 operation in which the Federal Bureau of Investigation (FBI) compromised three different hidden services hosting child pornography, which would then target anyone who happened to access them using a network investigative technique (NIT).

Playpen was a notorious darknet child pornography website that operated from August 2014 to March 2015. The website operated through the Tor network which allowed users to use the website anonymously. After running the website for 6 months, the website owner Steven W. Chase was captured by the FBI. After his capture, the FBI continued to run the website for another 13 days as part of Operation Pacifier.

Government hacking permits the exploitation of vulnerabilities in electronic products, especially software, to gain remote access to information of interest. This information allows government investigators to monitor user activity and interfere with device operation. Government attacks on security may include malware and encryption backdoors. The National Security Agency's PRISM program and Ethiopia's use of FinSpy are notable examples.

<span class="mw-page-title-main">FBI MoneyPak Ransomware</span>

The FBI MoneyPak Ransomware, also known as Reveton Ransomware, is a type of ransomware malware. It starts by purporting to be from a national police agency and that they have locked the computer or smart phone due to "illegal activities" and demands a ransom payment via GreenDot MoneyPak cards in order to release the device.

Boystown was a child pornography website run through the Tor network as a hidden service.

<span class="mw-page-title-main">Welcome to Video case</span> Investigation and prosecution of child sexual exploitation ring

The Welcome to Video case involved the investigation and prosecution of a child pornography ring which traded videos through the South Korean website Welcome to Video, owned and operated by Son Jung-woo. Authorities estimated about 360,000 downloads had been made through the website, which had roughly 1.2 million members, 4,000 of which were paid members, from 38 countries. Through international cooperation and investigations, 337 people were arrested on charges of possessing child pornography.

References

  1. Almost Half of Tor sites compromised by FBI Archived 2021-06-18 at the Wayback Machine , E-hacking News, (August 04, 2013).
  2. Howell O'Neill, Patrick (4 August 2013). "An in-depth guide to Freedom Hosting, the engine of the Dark Net" . Retrieved 30 May 2015.
  3. Finklea, Kristin (7 July 2015). "Dark Web" (PDF). Washington, D.C.: Congressional Research Service: 6. Archived from the original (PDF) on 27 October 2021. Retrieved 4 December 2021 via University of North Texas Libraries.{{cite journal}}: Cite journal requires |journal= (help)
  4. Gallagher, Sean (4 August 2013). "Alleged Tor hidden service operator busted for child porn distribution" . Retrieved 30 May 2015.
  5. "'Peeling back the layers of Tor with EgotisticalGiraffe' – read the document". Guardian. 4 October 2013.
  6. Samson, Ted (5 August 2013). "Tor Browser Bundle for Windows users susceptible to info-stealing attack". InfoWorld . Retrieved 28 April 2014.
  7. Poulsen, Kevin (8 May 2013). "Feds Are Suspects in New Malware That Attacks Tor Anonymity". Wired . Retrieved 29 April 2014.
  8. Owen, Gareth. "FBI Malware Analysis". Archived from the original on 17 April 2014. Retrieved 6 May 2014.
  9. Poulsen, Kevin (13 September 2013). "FBI Admits It Controlled Tor Servers Behind Mass Malware Attack". Wired . Retrieved 22 December 2013.
  10. Schneier, Bruce (4 October 2013). "Attacking Tor: how the NSA targets users' online anonymity". The Guardian . Retrieved 22 December 2013.
  11. 1 2 O’Doherty, Caroline (2021-09-16). "Eric Eoin Marquez: The Irishman labelled the 'kingpin' of child abuse material". Irish Examiner. Retrieved 2023-11-24.
  12. 1 2 3 4 "Eric Eoin Marques: 28-year-old architect's son from Dublin accused of being world's biggest dealer in child abuse images". Independent.ie. 2013-08-24. Retrieved 2023-11-24.
  13. O’Doherty, Caroline (2019-03-23). "Man with socialisation difficulties or a cold-blooded criminal?". Irish Examiner. Retrieved 2023-11-24.
  14. "US given 10 days to request extradition of child porn suspect". Irish Examiner . 8 August 2013.
  15. O'Faolain, Aodhan; Managh, Ray (3 August 2013). "FBI says Irishman is baron of online child porn". Irish Examiner . Archived from the original on 22 October 2020.
  16. Best, Jessica (21 January 2014). "Man branded 'largest facilitator of child porn on the planet' remanded in custody again". Daily Mirror . Retrieved 29 April 2014.
  17. Dingledine, Roger (5 August 2013). "Tor security advisory: Old Tor Browser Bundles vulnerable". Tor Project. Retrieved 28 April 2014.
  18. Smith, Lewis (11 May 2015). "Irish man fighting extradition to US over child abuse image charges has Asperger's syndrome, court hears". Independent . Retrieved 27 February 2016.
  19. O'Doherty, Caroline (2017-07-17). "The Irishman labelled the 'child porn kingpin'". Irish Examiner . Archived from the original on 7 November 2020. Retrieved 2018-06-30.
  20. "Man loses extradition challenge in child abuse images case". RTE News . 16 December 2016. Archived from the original on 13 December 2016. Retrieved 21 March 2017.
  21. Reynolds, Paul (20 March 2019). "Man loses extradition appeal over pornography charges". RTE News . Archived from the original on 29 March 2019.
  22. Aaron Rogan, Ruaidhrí Giblin, 'Dark web host' appeals against US extradition, The Times. December 20, 2016, Accessed March 21, 2017
  23. "Man dubbed 'largest facilitator' of child abuse images pleads guilty". The Associated Press. February 6, 2020. Retrieved July 14, 2020.
  24. "Dark Web Child Pornography Facilitator Pleads Guilty to Conspiracy to Advertise Child Pornography". 6 February 2020. Archived from the original on 12 January 2021.
  25. Brodkin, Jon (16 September 2021). "Man once called world's "largest facilitator of child porn" sentenced to 27 years". Ars Technica . Archived from the original on 17 September 2021.
  26. "Dark Web Child Pornography Facilitator Sentenced to 27 Years in Prison for Conspiracy to Advertise Child Pornography". 16 September 2021. Archived from the original on 16 September 2021.
  27. "Child abuse sites on Tor compromised by malware". 5 August 2013. Retrieved 2 August 2015.
  28. Poulsen, Kevin (27 January 2014). "If You Used This Secure Webmail Site, the FBI Has Your Inbox" . Retrieved 30 May 2015.
  29. Howell O'Neill, Patrick (4 August 2013). "An in-depth guide to Freedom Hosting, the engine of the Dark Net" . Retrieved 3 August 2015.
  30. Cox, Joseph (February 4, 2017). "We Talked to the Hacker Who Took Down a Fifth of the Dark Web" . Retrieved June 25, 2017.
  31. ID.nl, Redactie (26 August 2022). "Hackers leggen deel 'dark web' plat". ID.nl (in Dutch). Retrieved 17 April 2024.
  32. Smith, Daniel (23 August 2017). "The Evolution of the Dark Web – Radware Blog". DDoS Services. Retrieved 17 April 2024.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.