Freedom Hosting

Last updated
Freedom Hosting
Freedom Hosting Tor.jpg
Type of site
 Web hosting provider
Founder Eric Eoin Marques
Users Half of all Tor sites [1]
Written in PHP

Freedom Hosting was a Tor specialist web hosting service that was established in 2008. At its height in August 2013, it was the largest Tor web host. [2]

Contents

Anonymous denial-of-service attack

In 2011, Anonymous launched Operation Darknet, an anti-child pornography effort against activities on the dark web. One of the largest sites, Lolita City, hosted by Freedom Hosting, [3] was subject to a denial-of-service attack (DDoS), and later had its member list leaked following an SQL injection attack, as was The Hidden Wiki which linked to it. [4]

Federal investigation

In 2013, through undisclosed investigative methods, the FBI identified the IP address of a server that appeared to be associated with Freedom Hosting. The server was hosted by OVHcloud and was contracted under the name of Eric Marques. [5]

On July 22, 2013, pursuant to a mutual legal assistance treaty (MLAT) request to France, U.S. law enforcement received a copy of the data and information from this server. The server contained several encrypted "containers" for which law enforcement was unable to determine the content at the time. [6]

By July 30, 2013, investigators, through the use of cryptanalysis, were able to determine the password for the server's superuser account ("root"). This enabled law enforcement to obtain an unencrypted copy of the server's contents, confirming that the server was indeed hosting the Freedom Hosting website. [7]

De-anonymization attack

On August 4, 2013, several Tor hidden services hosted by Freedom Hosting, including TorMail, began displaying an error message. Source code analysis revealed the presence of a small JavaScript executable that exploited a vulnerability in outdated versions of the Tor Browser. [8] The executable retrieved the Windows hostname and MAC address of the user's computer, transmitting this information to a server controlled by U.S. law enforcement. [9] [8] [10]

The FBI acknowledged they were responsible for the attack in a 12 September 2013 court filing in Dublin; [11] further technical details from a training presentation leaked by Edward Snowden showed that the codename for the exploit was EgotisticalGiraffe. [12]

The site was founded and administered by an American-Irish citizen, Eric Eoin Marques (born April 29, 1985), who was born in New York City to an Irish mother and a Brazilian-born Portuguese father who worked as a successful architect. [13] [14] He had been referred to a psychiatrist as a young teenager with no specific diagnosis made. [15] He was described as timid and socially withdrawn, and had failed to complete school. [14] In 2005, Marques started a business named Host Ultra with his father before dissolving it in 2011. [14] [13] His father had justified the large amounts of money Marques made by claiming he worked at a bank. [14]

Marques was arrested in Ireland on 1 August 2013, on a provisional extradition warrant issued by a United States court on the 29th of July that year. [16] [17] The FBI sought to extradite Marques to Maryland on four charges — distributing, conspiring to distribute, and advertising child pornography  — as well as aiding and abetting advertising of child pornography. The warrant alleges that Marques was "the largest facilitator of child porn on the planet". [18] [19] His attorneys fought for several years to prevent his extradition to the United States on the grounds that he had Asperger's syndrome and would not receive the appropriate care in a US prison if extradited. [20] [21] In December 2016, the Irish Court of Appeal ruled the extradition should proceed. [22] This was not the end of his appeal process, however, and his lawyers announced they would make a new appeal to the Supreme Court. This appeal was dismissed by the Irish Supreme Court on 20 March 2019. [23] Marques faced life in prison if tried and convicted in the United States. [24] On 6 February 2020, Marques pleaded guilty to one count of conspiracy to advertise child abuse images, as part of a plea agreement that would entail a prison term of 15 to 21 years. [25] [26] On 6 September 2021, Marques was sentenced to 27 years imprisonment and ordered to forfeit over $154,000. [27] [28]

Notable hosted sites

Successor

After the closure of Freedom Hosting, a new service, Freedom Hosting II, was created. In 2017, it ran 20 percent of all websites on the Tor network. [32] It was taken permanently offline later in 2017 during a coordinated hacking attack. [33] [34]

References

  1. Almost Half of Tor sites compromised by FBI Archived 2021-06-18 at the Wayback Machine , E-hacking News, (August 04, 2013).
  2. Howell O'Neill, Patrick (4 August 2013). "An in-depth guide to Freedom Hosting, the engine of the Dark Net" . Retrieved 30 May 2015.
  3. Finklea, Kristin (7 July 2015). "Dark Web" (PDF). Washington, D.C.: Congressional Research Service: 6. Archived from the original (PDF) on 27 October 2021. Retrieved 4 December 2021 via University of North Texas Libraries.{{cite journal}}: Cite journal requires |journal= (help)
  4. Gallagher, Sean (4 August 2013). "Alleged Tor hidden service operator busted for child porn distribution" . Retrieved 30 May 2015.
  5. Federal Bureau of Investigation (March 25, 2019). "Amended Criminal Complaint: United States of America v. Eric Eoin Marques" (PDF). Justice.gov. p. "§18". Retrieved January 9, 2026.
  6. Federal Bureau of Investigation (March 25, 2019). "Amended Criminal Complaint: United States of America v. Eric Eoin Marques" (PDF). Justice.gov. pp. "§21-22". Retrieved January 9, 2026.
  7. Federal Bureau of Investigation (March 25, 2019). "Amended Criminal Complaint: United States of America v. Eric Eoin Marques" (PDF). Justice.gov. p. "§25". Retrieved January 9, 2026.
  8. 1 2 The Tor Project (August 5, 2013). "Tor Security Advisory: Old Tor Browser Bundles vulnerable". Tor Project Blog. Retrieved January 9, 2026.
  9. Paganini, Pierluigi (January 28, 2016). "FBI hacked TorMail to identify its users". Security Affairs. Retrieved January 9, 2026.
  10. Poulsen, Kevin (January 27, 2014). "Feds Infiltrated TorMail Account to Snare Alleged Pedophile". Wired. Archived from the original on January 28, 2014. Retrieved January 9, 2026.
  11. Poulsen, Kevin (13 September 2013). "FBI Admits It Controlled Tor Servers Behind Mass Malware Attack". Wired . Retrieved 22 December 2013.
  12. Schneier, Bruce (4 October 2013). "Attacking Tor: how the NSA targets users' online anonymity". The Guardian . Retrieved 22 December 2013.
  13. 1 2 O’Doherty, Caroline (2021-09-16). "Eric Eoin Marquez: The Irishman labelled the 'kingpin' of child abuse material". Irish Examiner. Retrieved 2023-11-24.
  14. 1 2 3 4 "Eric Eoin Marques: 28-year-old architect's son from Dublin accused of being world's biggest dealer in child abuse images". Independent.ie. 2013-08-24. Retrieved 2023-11-24.
  15. O’Doherty, Caroline (2019-03-23). "Man with socialisation difficulties or a cold-blooded criminal?". Irish Examiner. Retrieved 2023-11-24.
  16. "US given 10 days to request extradition of child porn suspect". Irish Examiner . 8 August 2013.
  17. O'Faolain, Aodhan; Managh, Ray (3 August 2013). "FBI says Irishman is baron of online child porn". Irish Examiner . Archived from the original on 22 October 2020.
  18. Best, Jessica (21 January 2014). "Man branded 'largest facilitator of child porn on the planet' remanded in custody again". Daily Mirror . Retrieved 29 April 2014.
  19. Dingledine, Roger (5 August 2013). "Tor security advisory: Old Tor Browser Bundles vulnerable". Tor Project. Retrieved 28 April 2014.
  20. Smith, Lewis (11 May 2015). "Irish man fighting extradition to US over child abuse image charges has Asperger's syndrome, court hears". Independent . Retrieved 27 February 2016.
  21. O'Doherty, Caroline (2017-07-17). "The Irishman labelled the 'child porn kingpin'". Irish Examiner . Archived from the original on 7 November 2020. Retrieved 2018-06-30.
  22. "Man loses extradition challenge in child abuse images case". RTE News . 16 December 2016. Archived from the original on 13 December 2016. Retrieved 21 March 2017.
  23. Reynolds, Paul (20 March 2019). "Man loses extradition appeal over pornography charges". RTE News . Archived from the original on 29 March 2019.
  24. Aaron Rogan, Ruaidhrí Giblin, 'Dark web host' appeals against US extradition, The Times. December 20, 2016, Accessed March 21, 2017
  25. "Man dubbed 'largest facilitator' of child abuse images pleads guilty". The Associated Press. February 6, 2020. Retrieved July 14, 2020.
  26. "Dark Web Child Pornography Facilitator Pleads Guilty to Conspiracy to Advertise Child Pornography". 6 February 2020. Archived from the original on 12 January 2021.
  27. Brodkin, Jon (16 September 2021). "Man once called world's "largest facilitator of child porn" sentenced to 27 years". Ars Technica . Archived from the original on 17 September 2021.
  28. "Dark Web Child Pornography Facilitator Sentenced to 27 Years in Prison for Conspiracy to Advertise Child Pornography". 16 September 2021. Archived from the original on 16 September 2021.
  29. "Child abuse sites on Tor compromised by malware". 5 August 2013. Retrieved 2 August 2015.
  30. Poulsen, Kevin (27 January 2014). "If You Used This Secure Webmail Site, the FBI Has Your Inbox" . Retrieved 30 May 2015.
  31. Howell O'Neill, Patrick (4 August 2013). "An in-depth guide to Freedom Hosting, the engine of the Dark Net" . Retrieved 3 August 2015.
  32. Cox, Joseph (February 4, 2017). "We Talked to the Hacker Who Took Down a Fifth of the Dark Web" . Retrieved June 25, 2017.
  33. ID.nl, Redactie (26 August 2022). "Hackers leggen deel 'dark web' plat". ID.nl (in Dutch). Retrieved 17 April 2024.
  34. Smith, Daniel (23 August 2017). "The Evolution of the Dark Web – Radware Blog". DDoS Services. Retrieved 17 April 2024.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.