Playpen (website)

Last updated
Playpen
Type of site
 Child pornography sharing
Available in English
LaunchedAugust 2009
Current statusOffline (as of May 2015)

Playpen was a notorious darknet child pornography website that operated from August 2014 to March 2015. [1] [2] The website operated through the Tor network which allowed users to use the website anonymously. After running the website for 6 months, the website owner Steven W. Chase was captured by the FBI. After his capture, the FBI continued to run the website for another 13 days as part of Operation Pacifier.

Contents

When it was shut down in March 2015, the site had over 215,000 users and hosted 23,000 sexually explicit images and videos of children as young as toddlers. [2]

Website shutdown

The shutdown operation, called Operation Pacifier, involved the Federal Bureau of Investigation (FBI) hijacking the site and continuing to serve content for two weeks (from February 19, 2015 until March 4, 2015). During this time the FBI used a malware-based "Network Investigative Technique" (NIT) to hack into the web browsers of users accessing the site in what is known as a watering hole attack, thereby revealing their identities. The operation led to the arrest of 956 site users and five prison sentences.

While the FBI claimed to have knowledge about the existence of the website right from its beginning, it was unable to track down the servers locations or the site owner. This was because the website was hosted anonymously through Tor. Only a mishap of the site owner revealing his IP address finally allowed the law enforcement to track down both page and personnel. [1]

Convictions

The investigation led to the sentencing of Steven W. Chase, a 58-year-old man from Florida who created the website, to 30 years in prison in May 2017. His two co-defendants pleaded guilty and were sentenced to 20 years each earlier in 2017 for their involvement in Playpen. [1]

In 2017, the FBI dropped charges against one defendant after the court for that case requested details on the NIT malware. The FBI preferred to keep the NIT malware a secret for future investigations. [3] [4] [5]

Shutdown criticisms

The investigation was criticized by the Electronic Frontier Foundation because of the generality of the warrant, and because after having taken control of the website, the FBI continued for nearly two weeks to operate the website and thus distribute child pornography, i.e. exactly the same crime the bureau sought to stop. [6] The lawyer of a defendant in the case stated that the FBI not only operated the website, but improved it so its number of visitors rose sharply while it was under their control. [7]

Challenges were raised about the FBI's possibly severe misuse of the initial search warrant, leading to the likely dismissal of much of the gathered evidence against one defendant. [8] [9] The warrant stated it was to be used to gather information on people in the Eastern District of Virginia only, but because the NIT malware indiscriminately infected people using the site, it was in fact used to gather information from many other areas. [10] Before the change to Rule 41 in 2016 to allow it, this was illegal. [11] On August 28, 2019, the Eleventh Circuit Court of Appeals ruled that the warrant was invalid but that the evidence obtained was not required to be excluded due to the good-faith exception doctrine. [12]

Related Research Articles

Operation Ore was a British police operation that commenced in 1999 following information received from US law enforcement, which was intended to prosecute thousands of users of a website reportedly featuring child pornography. It was the United Kingdom's biggest ever computer crime investigation, leading to 7,250 suspects identified, 4,283 homes searched, 3,744 arrests, 1,848 charged, 1,451 convictions, 493 cautioned and 140 children removed from suspected dangerous situations and an estimated 33 suicides. Operation Ore identified and prosecuted some sex offenders, but the validity of the police procedures was later questioned, as errors in the investigations resulted in many false arrests.

Operation Avalanche was a major United States investigation of child pornography on the Internet launched in 1999 after the arrest and conviction of Thomas and Janice Reedy, who operated an Internet pornography business called Landslide Productions in Fort Worth, Texas. It was made public in early August 2001 at the end of Operation Avalanche that 100 arrests were made out of 144 suspects. It was followed by Operation Ore in the United Kingdom, Operation Snowball in Canada, Operation Pecunia in Germany, Operation Amethyst in Ireland and Operation Genesis in Switzerland.

Ransomware is a type of cryptovirological malware that permanently blocks access to the victim's personal data unless a ransom is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem, and difficult-to-trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

Watering hole is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. Hacks looking for specific information may only attack users coming from a specific IP address. This also makes the hacks harder to detect and research. The name is derived from predators in the natural world, who wait for an opportunity to attack their prey near watering holes.

Child erotica is non-pornographic material relating to children that is used by any individuals for sexual purposes. It is a broader term than child pornography, incorporating material that may cause sexual arousal such as nonsexual images, books or magazines on children or pedophilia, toys, diaries, or clothes. Law enforcement investigators have found that child erotica is often collected by pedophiles and child sexual abuse offenders. It may be collected as a form of compulsive behavior and as a substitute for illegal underage pornography and is often a form of evidence for criminal behavior.

<span class="mw-page-title-main">Tor (network)</span> Free and open-source anonymity network based on onion routing

Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic via a free, worldwide volunteer overlay network that consists of more than seven thousand relays.

Hunter Edward Moore is an American convicted criminal from Sacramento, California. Rolling Stone called him "the most hated man on the Internet." In 2010, he created the revenge porn website Is Anyone Up? which allowed users to post sexually explicit photos of people online without their consent, often accompanied by personal information such as their names and addresses. He refused to take down pictures on request. Moore called himself "a professional life ruiner" and compared himself to Charles Manson. The website was up for 16 months, during which Moore stated several times he was protected by the same laws that protect Facebook. Moore also paid a hacker to break into email accounts of victims and steal private photos to post.

<span class="mw-page-title-main">Tor Mail</span> Defunct Tor email service

Tor Mail was a Tor hidden service that went offline in August 2013 after an FBI raid on Freedom Hosting. The service allowed users to send and receive email anonymously to email addresses inside and outside the Tor network.

<span class="mw-page-title-main">Freedom Hosting</span> Defunct Tor web hosting service

Freedom Hosting was a Tor specialist web hosting service that was established in 2008. At its height in August 2013, it was the largest Tor web host.

The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

<span class="mw-page-title-main">Tor Ekeland</span> American lawyer

Tor Bernhard Ekeland is a New York City based computer, trial and appellate lawyer. He is best known for representing hackers prosecuted under the Computer Fraud and Abuse Act ("CFAA"), as well as white-collar defendants, in federal criminal court and on appeal across the United States.

<span class="mw-page-title-main">Matt DeHart</span> Former U.S. intelligence analyst and sex offender

Matt Paul DeHart is an American citizen and former U.S. Air National Guard intelligence analyst and a registered sex offender. He has made several unconfirmed claims, including that he received classified documents alleging the CIA was involved in the 2001 anthrax attacks in the United States and that the government used child pornography charges to frame him for possession of state secrets.

<span class="mw-page-title-main">Operation Onymous</span> International police operation targeting darknet markets

Operation Onymous was an international law enforcement operation targeting darknet markets and other hidden services operating on the Tor network.

HackBB was a Tor hidden service Internet forum specializing in buying stolen credit cards, skimming ATMs, and hacking computers, servers and accounts. The site was often a destination for hacked and stolen data dumps. At some point the site was hosted by Tor hosting company Freedom Hosting.

Network Investigative Technique, or NIT, is a form of malware employed by the FBI since at least 2002. It is a drive-by download computer program designed to provide access to a computer.

Operation Torpedo was a 2011 operation in which the Federal Bureau of Investigation (FBI) compromised three different hidden services hosting child pornography, which would then target anyone who happened to access them using a network investigative technique (NIT).

Government hacking permits the exploitation of vulnerabilities in electronic products, especially software, to gain remote access to information of interest. This information allows government investigators to monitor user activity and interfere with device operation. Government attacks on security may include malware and encryption backdoors. The National Security Agency's PRISM program and Ethiopia's use of FinSpy are notable examples.

<span class="mw-page-title-main">FBI MoneyPak Ransomware</span>

The FBI MoneyPak Ransomware, also known as Reveton Ransomware, is a type of ransomware malware. It starts by purporting to be from a national police agency and that they have locked the computer or smart phone due to "illegal activities" and demands a ransom payment via GreenDot MoneyPak cards in order to release the device.

<span class="mw-page-title-main">Welcome to Video case</span> Investigation and prosecution of child sexual exploitation ring

The Welcome to Video case involved the investigation and prosecution of a child pornography ring which traded videos through the South Korean website Welcome to Video, owned and operated by Son Jung-woo. Authorities estimated about 360,000 downloads had been made through the website, which had roughly 1.2 million members, 4,000 of which were paid members, from 38 countries. Through international cooperation and investigations, 337 people were arrested on charges of possessing child pornography.

Operation Lobos (, also known as Operation Wolves, was a Brazilian-centered 12-country, multinational operation, to target operations of a TOR onion service known as Baby Heart. Additional objectives/targets of the joint operation were the deanonymization of the TOR host server, TOR administrator and TOR users associated with the Target Website and several other targeted websites/chat-sites that were alleged to contain or be used to traffic illegal images of child sexual abuse materials and other categories of legal nude and non-nude images of persons under 18. As of February 2024, the complete list of target websites/chat-sites involved in this operation have not been released by any government, however, the primary targets appeared to be the following: Baby-Heart, Hurt-meh, Boyvids 4.0, Anjos Prohibidos /Forbidden-Angels, and Loli Lust. Court documents have indicated that there were at least two other websites/chat-sites that were targeted, however the names of the websites/chat-sites have not been made public.

References

  1. 1 2 3 Farivar, Cyrus (2017-05-05). "Creator of infamous Playpen website sentenced to 30 years in prison". Ars Technica . Retrieved 2017-05-08.
  2. 1 2 Cimpanu, Catalin (2016-09-17). "Admin of Dark Web Child Pornography Website "Playpen" Found Guilty". news.softpedia.com . Retrieved 2017-05-07.
  3. Pulkkinen, Levi (July 14, 2015). "FBI: Special ed teacher caught with infant rape photos". Seattle Post-Intelligencer .
  4. Newman, Lily Hay (March 7, 2017). "The Feds Would Rather Drop a Child Porn Case Than Give Up a Tor Exploit". Wired .
  5. Farivar, Cyrus (March 5, 2017). "To keep Tor hack source code secret, DOJ dismisses child porn case". Ars Technica .
  6. Rumold, Mark (2016-09-15). "Playpen: The Story of the FBI's Unprecedented and Illegal Hacking Operation". eff.org . Retrieved 2017-05-08.
  7. Conditt, Jessica (2016-08-23). "FBI improved a Dark Web child pornography site, lawyer argues". engadget.com . Retrieved 2017-05-08.
  8. "A massive FBI child porn probe has lawyers asking: Does the end justify the means?". Star Tribune.
  9. "It is not OK to break the law to catch criminals, judge rules". June 8, 2017.
  10. Rumold, Mark (2016-09-26). "The Playpen Story: Rule 41 and Global Hacking Warrants". Electronic Frontier Foundation. Retrieved 2023-03-17.
  11. "How an obscure rule lets law enforcement search any computer". Engadget. December 2016. Retrieved 2023-03-17.
  12. "No. 17-14915 and No. 18-11852" (PDF).
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.