Playpen (website)

Last updated
Type of site
Child pornography sharing
Available in English
LaunchedAugust 2014
Current statusOffline (as of March 2015)

Playpen was a notorious darknet child pornography website that operated from August 2014 to March 2015. [1] [2] The website operated through a hidden service through the Tor network which allowed users to use the website anonymously. After running the website for 6 months, the website owner Steven W. Chase was captured by the FBI. After his capture, the FBI continued to run the website for another 13 days as part of Operation Pacifier.


When it was shut down in March 2015, the site had over 215,000 users and hosted 23,000 sexually explicit images and videos of children as young as toddlers.

Website shutdown

The shutdown operation, called Operation Pacifier, involved the FBI hijacking the site and continuing to serve content for two weeks (from February 19, 2015 until March 4, 2015). During this time the FBI used a malware-based "Network Investigative Technique" to hack into the web browsers of users accessing the site, thereby revealing their identities. The operation led to the arrest of 900 site users and three prison sentences.


The investigation led to the sentencing of Steven W. Chase, a 57-year-old from Florida who created the website, to 30 years in prison in May 2017. His two co-defendants pleaded guilty and were sentenced to 20 years each earlier in 2017 for their involvement in Playpen. [1]

In 2017, charges were dropped against one member of the site, after the court demanded that details of the hacking tool be released. The FBI preferred to keep the NIT (network investigative technique) malware a secret for future investigations. [3] [4] [5]

Shutdown criticisms

The investigation was criticized by the Electronic Frontier Foundation because, after having taken control of the website, the FBI continued for nearly two weeks to operate the website and thus distribute child pornography, i.e. exactly the same crime the bureau sought to stop. [6] The lawyer of a defendant in the case stated that the FBI not only operated the website, but improved it so its number of visitors rose sharply while it was under their control. [7]

Challenges were raised about the FBI's possibly severe misuse of the initial search warrant, leading to the likely dismissal of much of the gathered evidence against one defendant. [8] [9] On August 28, 2019, the Eleventh Circuit Court of Appeals ruled that the warrant was invalid but that the evidence obtained was not required to be excluded due to the good-faith exception doctrine. [10]

Related Research Articles

Cybercrime, or computer crime, is a crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Cybercrime may harm someone's security and financial health.

Ransomware is a type of malware from cryptovirology that threatens to publish the victim's personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

Child erotica is non-pornographic material relating to children that is used by any individuals for sexual purposes. It is a broader term than child pornography, incorporating material that may cause sexual arousal such as nonsexual images, books or magazines on children or pedophilia, toys, diaries, or clothes. Law enforcement investigators have found that child erotica is often collected by pedophiles and child sexual abuse offenders. Child erotica may be collected as a form of compulsive behavior and as a substitute for illegal child pornography and is often a form of evidence for criminal behavior.

Tor (network) Free and open-source anonymity network based on onion routing

Tor is free and open-source software for enabling anonymous communication. It directs Internet traffic through a free, worldwide, volunteer overlay network, consisting of more than seven thousand relays, for concealing a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace the Internet activity to the user. Tor's intended use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities unmonitored.

Silk Road (marketplace) 2011–2014 darknet market known for the sale of illegal drugs

Silk Road was an online black market and the first modern darknet market, best known as a platform for selling illegal drugs. As part of the dark web, it was operated as a Tor hidden service, such that online users were able to browse it anonymously and securely without potential traffic monitoring. The website was launched in February 2011; development had begun six months prior. Initially there were a limited number of new seller accounts available; new sellers had to purchase an account in an auction. Later, a fixed fee was charged for each new seller account. Silk Road provided goods and services to over 100,000 buyers.

The Hidden Wiki

The Hidden Wiki was a dark web MediaWiki wiki operating as Tor hidden services that could be anonymously edited after registering on the site. The main page served as a directory of links to other .onion sites.

Lolita City Defunct child pornography website

Lolita City was a website that used hidden services available through the Tor network. The site hosted child pornography images and videos of underage males and females ranging up to 17 years of age.

Freedom Hosting is a defunct Tor specialist web hosting service that was established in 2008. At its height in August 2013, it was the largest Tor webhost.

The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user's location. The dark web forms a small part of the deep web, the part of the Web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

Operation Onymous International police operation targeting darknet markets

Operation Onymous was an international law enforcement operation targeting darknet markets and other hidden services operating on the Tor network.

Doxbin Document sharing website

Doxbin was a document sharing and publishing website which invited users to contribute personally identifiable information, or "dox", of any person of interest. It was previously operated on the darknet as a Tor hidden service, by a person known on the internet as nachash. Since its takedown in 2014, nachash has stepped down and relinquished his ownership to a predecessor that used the username "King Oren" when interviewed. He said in an interview that he is hosting Doxbin on the World Wide Web, as well as on Darknet and Tor hidden service websites. He declined to release the link to either of them, saying, "The people that use the service know how to find it, that's what keeps it secure and out of the reach of incompetent people using it for malice things".

DeepDotWeb was a news site dedicated to events in and surrounding the dark web featuring interviews and reviews about darknet markets, Tor hidden services, privacy, bitcoin, and related news. The website was seized on May 7, 2019, during an investigation into the owners' affiliate marketing model, in which they received money for posting links to certain darknet markets. On which they were charged with conspiracy to commit money laundering. In March 2021 site administrator Tal Prihar pleaded guilty to his charge of conspiracy to commit money laundering.

Carding (fraud) Crime involving the trafficking of credit card data

Carding is a term describing the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass procurement of details, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.

Network Investigative Technique, or NIT, is a form of malware employed by the FBI since at least 2002. It is a drive-by download computer program designed to provide access to a computer.

Operation Torpedo was a 2011 operation in which the Federal Bureau of Investigation (FBI) compromised three different hidden services hosting child pornography, which would then target anyone who happened to access them using a network investigative technique (NIT).

Childs Play (website)

Childs Play was a darknet child abuse website that operated from April 2016 to September 2017, which at its peak was the largest of its class. The site was concealed by being run as a hidden service on the Tor network. After running the site for the first six months, owner Benjamin Faulkner of Guelph, Ontario, Canada was captured by the United States Department of Homeland Security. For the remaining eleven months the website was owned and operated by the Australian Queensland Police Service's Task Force Argos, as part of Operation Artemis.

Government hacking permits the exploitation of vulnerabilities in electronic products, especially software, to gain remote access to information of interest. This information allows government investigators to monitor user activity and interfere with device operation. Government attacks on security may include malware and encryption backdoors. The National Security Agency's PRISM program and Ethiopia's use of FinSpy are notable examples.

FBI MoneyPak Ransomware

The FBI MoneyPak Ransomware, also known as Reveton Ransomware, is a type of ransomware malware. It starts by purporting to be from a national police agency and that they have locked the computer or smart phone due to "illegal activities" and demands a ransom payment via GreenDot MoneyPak cards in order to release the device.

The "Welcome To Video" case is a case in which about 1.28 million members from 32 countries traded sexually exploitative videos of children through the "Welcome to Video" website opened on the Dark Web in 2015. The number of known downloads is 360,000. This is the first case in South Korea where a criminal suspect was found using the Darknet. Son Jung-woo, a Korean operator, was scheduled to be released from prison on April 27, 2020, but his release was delayed due to the U.S. demand for the repatriation of criminals and was released on July 6. According to international cooperation investigations in 32 countries, 310 people were arrested on charges of possessing child pornography.


  1. 1 2 Farivar, Cyrus (2017-05-05). "Creator of infamous Playpen website sentenced to 30 years in prison". Ars Technica . Retrieved 2017-05-08.
  2. Cimpanu, Catalin (2016-09-17). "Admin of Dark Web Child Pornography Website "Playpen" Found Guilty". . Retrieved 2017-05-07.
  3. SeattlePI, Levi Pulkkinen (July 14, 2015). "FBI: Special ed teacher caught with infant rape photos".
  4. Newman, Lily Hay (2017-03-07). "The Feds Would Rather Drop a Child Porn Case Than Give Up a Tor Exploit". Wired.
  5. Farivar, Cyrus (2017-03-05). "To keep Tor hack source code secret, DOJ dismisses child porn case". Ars Technica .
  6. Rumold, Mark (2016-09-15). "Playpen: The Story of the FBI's Unprecedented and Illegal Hacking Operation". . Retrieved 2017-05-08.
  7. Conditt, Jessica (2016-08-23). "FBI improved a Dark Web child pornography site, lawyer argues". . Retrieved 2017-05-08.
  8. "A massive FBI child porn probe has lawyers asking: Does the end justify the means?". Star Tribune.
  9. "It is not OK to break the law to catch criminals, judge rules". June 8, 2017.
  10. "No. 17-14915 and No. 18-11852" (PDF).