Freedom Hosting

Last updated
This defunct hosting site is not related to Freedom Hosting Pty Ltd, which is operating in Australia. [1]
Freedom Hosting
Created byEric Eoin Marques
URL (2011) (2003)
Users Half of all Tor sites. [2]

Freedom Hosting is a defunct Tor specialist web hosting service that was established in 2008. At its height in August 2013, it was the largest Tor webhost. [3]


Anonymous denial-of-service attack

In 2011, Anonymous launched Operation Darknet, an anti-child pornography effort against activities on the dark web. One of the largest sites, Lolita City, hosted by Freedom Hosting, was Denial-of-service attacked (DDoS), and later had its member list leaked following a SQL injection attack, as was The Hidden Wiki which linked to it. [4]

Federal investigation

News reports linked a Firefox browser vulnerability to a United States Federal Bureau of Investigation (FBI) operation targeting Freedom Hosting's owner, Eric Eoin Marques. In August 2013, it was discovered that the Firefox browsers in many older versions of the Tor Browser Bundle were vulnerable to a JavaScript attack, as NoScript was not enabled by default. [5] This attack was being exploited to send users' MAC and IP addresses and Windows computer names to the attackers. [6] [7] [8] The FBI acknowledged they were responsible for the attack in a September 12, 2013 court filing in Dublin; [9] further technical details from a training presentation leaked by Edward Snowden showed that the codename for the exploit was EgotisticalGiraffe. [10]

Marques was arrested in Ireland on a provisional extradition warrant issued by a United States court on July 29, 2014. The FBI sought to extradite Marques to Maryland on four charges — distributing, conspiring to distribute, and advertising child pornography  — as well as aiding and abetting advertising of child pornography. The warrant alleges that Marques was "the largest facilitator of child porn on the planet". [11] [12] His attorneys fought for several years to prevent his extradition to the United States on the grounds that he had Asperger syndrome, and would not receive the appropriate care in a US prison, if extradited. [13] [14] In December 2016, the Irish Court of Appeal ruled the extradition should proceed. [15] This was not the end of his appeal process, however, and his lawyers announced they would make a new appeal to the Supreme Court. This appeal was dismissed by the Irish Supreme Court on March 20, 2019. [16] Marques faced life in prison if tried and convicted in the United States. [17] On February 6, 2020, Marques plead guilty to one count of conspiracy to advertise child abuse images, as part of a plea agreement that would entail a prison term of 15 to 21 years. [18]

Notable hosted sites

Proceeding site

Since Freedom Hosting was closed, a new organization, Freedom Hosting II was created, running 20 percent of all dark web sites. [22]

Related Research Articles

Operation Ore was a British police operation that commenced in 1999 following information received from US law enforcement, which was intended to prosecute thousands of users of a website reportedly featuring child pornography. It was the United Kingdom's biggest ever computer crime investigation, leading to 7,250 suspects identified, 4,283 homes searched, 3,744 arrests, 1,848 charged, 1,451 convictions, 493 cautioned and 140 children removed from suspected dangerous situations and an estimated 33 suicides. Operation Ore identified and prosecuted some sex offenders, but the validity of the police procedures was later questioned, as errors in the investigations resulted in many false arrests.

Ransomware is a type of malware from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

Child erotica is non-pornographic material relating to children that is used by any individuals for sexual purposes. It is a broader term than child pornography, incorporating material that may cause sexual arousal such as nonsexual images, books or magazines on children or pedophilia, toys, diaries, or clothes. Law enforcement investigators have found that child erotica is often collected by pedophiles and child sexual abuse offenders. Child erotica may be collected as a form of compulsive behavior and as a substitute for illegal child pornography and is often a form of evidence for criminal behavior.

Internet censorship in the United Kingdom is conducted under a variety of laws, judicial processes, administrative regulations and voluntary arrangements. It is achieved by blocking access to sites as well as the use of laws that criminalise publication or possession of certain types of material. These include English defamation law, the Copyright law of the United Kingdom, regulations against incitement to terrorism and child pornography.

Tor (anonymity network) Free and open-source anonymity network based on onion routing

Tor is free and open-source software for enabling anonymous communication by directing Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays in order to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace the Internet activity to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's intended use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities unmonitored.

An obscenity is any utterance or act that strongly offends the prevalent morality of the time. It is derived from the Latin obscēnus, obscaenus, "boding ill; disgusting; indecent", of uncertain etymology. The word can be used to indicate a strong moral repugnance, in expressions such as "obscene profits" or "the obscenity of war". As a legal term, it usually refers to graphic depictions of people engaged in sexual and excretory activity.

The Hidden Wiki

The Hidden Wiki was a dark web MediaWiki wiki operating as Tor hidden services that could be anonymously edited after registering on the site. The main page served as a directory of links to other .onion sites.

Tor Mail

Tor Mail was a Tor hidden service that went offline in August 2013 after an FBI raid on Freedom Hosting. The service allowed users to send and receive email anonymously, to email addresses inside and outside the Tor network.

The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the Web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

The precise number of websites blocked in the United Kingdom is unknown. Blocking techniques vary from one Internet service provider (ISP) to another with some sites or specific URLs blocked by some ISPs and not others. Websites and services are blocked using a combination of data feeds from private content-control technology companies, government agencies, NGOs, court orders in conjunction with the service administrators who may or may not have the power to unblock, additionally block, appeal or recategorise blocked content.

Operation Onymous International police operation targeting darknet markets

Operation Onymous was an international law enforcement operation targeting darknet markets and other hidden services operating on the Tor network.

Doxbin Document sharing website

Doxbin was a document sharing and publishing website which invited users to contribute personally identifiable information, or "dox", of any person of interest. It was previously operated on the darknet as a Tor hidden service, by a person known on the internet as nachash. Since its takedown in 2014, nachash has stepped down and relinquished his ownership to a predecessor that used the username "King Oren" when interviewed. He said in an interview that he is hosting Doxbin on the World Wide Web, as well as on Darknet and Tor hidden service websites. He declined to release the link to either of them, saying, "The people that use the service know how to find it, that's what keeps it secure and out of the reach of incompetent people using it for malice things".

Pornhub Pornographic video sharing website owned by MindGeek

Pornhub is a Canadian-owned internet pornography website. It is one of several pornographic video-streaming websites owned by Mindgeek. As of June 2020, Pornhub is the 10th most trafficked website in the world and the third most-trafficked adult website after XVideos and XNXX.


dark0de, also known as Darkode, is a cybercrime forum and black marketplace described by Europol as "the most prolific English-speaking cybercriminal forum to date". This site which was launched in 2007, serves as a venue for the sale and trade of hacking services, botnets, malware, and other illicit goods and services.

HackBB was a Tor hidden service Internet forum specializing in buying stolen credit cards, skimming ATMs, and hacking computers, servers and accounts. The site was often a destination for hacked and stolen data dumps. At some point the site was hosted by Tor hosting company Freedom Hosting.

Carding (fraud) Crime involving the trafficking of credit card data

Carding is a term describing the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass procurement of details, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.

Network Investigative Technique, or NIT, is a form of malware employed by the FBI since at least 2002. It is a drive-by download computer program designed to provide access to a computer.

Operation Pacifier is or was a large scale hacking campaigning from the Federal Bureau of Investigation, launched in 2015, investigating criminal activity on the dark web. It was the largest such operation since Operation Torpedo.

Operation Torpedo was a 2011 operation in which the Federal Bureau of Investigation (FBI) compromised three different hidden services hosting child pornography, which would then target anyone who happened to access them using a network investigative technique (NIT).

Playpen was a notorious darknet child pornography website created in August 2014. When it was shut down in February 2015, the site had over 215,000 users and hosted 23,000 sexually explicit images and videos of children as young as toddlers.


  1. "Australian Business Registration Search". 17 January 2017. Retrieved 17 January 2017.
  2. Almost Half of Tor sites compromised by FBI, E-hacking News, (August 04, 2013).
  3. Howell O'Neill, Patrick (4 August 2013). "An in-depth guide to Freedom Hosting, the engine of the Dark Net" . Retrieved 30 May 2015.
  4. Gallagher, Sean (4 August 2013). "Alleged Tor hidden service operator busted for child porn distribution" . Retrieved 30 May 2015.
  5. "'Peeling back the layers of Tor with EgotisticalGiraffe' – read the document". Guardian. 4 October 2013.
  6. Samson, Ted (5 August 2013). "Tor Browser Bundle for Windows users susceptible to info-stealing attack". InfoWorld . Retrieved 28 April 2014.
  7. Poulsen, Kevin (8 May 2013). "Feds Are Suspects in New Malware That Attacks Tor Anonymity". Wired . Retrieved 29 April 2014.
  8. Owen, Gareth. "FBI Malware Analysis". Archived from the original on 17 April 2014. Retrieved 6 May 2014.[ self-published source? ]
  9. Poulsen, Kevin (13 September 2013). "FBI Admits It Controlled Tor Servers Behind Mass Malware Attack". Wired . Retrieved 22 December 2013.
  10. Schneier, Bruce (4 October 2013). "Attacking Tor: how the NSA targets users' online anonymity". The Guardian . Retrieved 22 December 2013.
  11. Best, Jessica (21 January 2014). "Man branded 'largest facilitator of child porn on the planet' remanded in custody again". Daily Mirror . Retrieved 29 April 2014.
  12. Dingledine, Roger (5 August 2013). "Tor security advisory: Old Tor Browser Bundles vulnerable". Tor Project. Retrieved 28 April 2014.
  13. Smith, Lewis (11 May 2015). "Irish man fighting extradition to US over child abuse image charges has Asperger's syndrome, court hears". Independent . Retrieved 27 February 2016.
  14. "The Irishman labelled the 'child porn kingpin'". 2017-07-17. Retrieved 2018-06-30.
  15. "Man loses extradition challenge in child abuse images case". RTE News. December 16, 2016, Accessed March 21, 2017
  17. Aaron Rogan, Ruaidhrí Giblin, 'Dark web host' appeals against US extradition, The Times. December 20, 2016, Accessed March 21, 2017
  18. "Man dubbed 'largest facilitator' of child abuse images pleads guilty". The Associated Press. February 6, 2020. Retrieved July 14, 2020.
  19. "Child abuse sites on Tor compromised by malware". 5 August 2013. Retrieved 2 August 2015.
  20. Poulsen, Kevin (27 January 2014). "If You Used This Secure Webmail Site, the FBI Has Your Inbox" . Retrieved 30 May 2015.
  21. Howell O'Neill, Patrick (4 August 2013). "An in-depth guide to Freedom Hosting, the engine of the Dark Net" . Retrieved 3 August 2015.
  22. Cox, Joseph (February 4, 2017). "We Talked to the Hacker Who Took Down a Fifth of the Dark Web" . Retrieved June 25, 2017.