The FBI Exploits Tor Web Browser's Weakness To Catch Pedophiles In The Deep Web

Tor is free software that implements second-generation onion routing, a system that enables its users to communicate anonymously on the internet. The software is popular among users of the Deep Web (the part of the web that can't be accessed by ordinary means).

But is it totally safe?

Not always, especially now that the FBI has developed new spyware. Its purpose? To track and catch child pornography suspects. So even if people use Tor to access, view or download such explicit material, the FBI will be able to pinpoint their whereabouts.

Back in February 2015, the FBI managed to seize servers in North Carolina, U.S., that were being used by websites to host child porn and abusive content. After seizing the servers, the FBI found that those websites had more than 200,000 pedophiles.

So instead of shutting down those servers, the agents decided to plant spyware on them, leaving the servers to operate for about two weeks before catching those that infringe the law.

Because Tor users on the invisible Deep Web are almost impossible to track, the FBI has been using Network Investigation Techniques (NIT) for more than a decade. In what has been termed spyware, the FBI infects websites' pages with the Metasploit Decloaking Engine, a tool developed by white hat hacker HD Moore.

Exploiting The Vulnerability In Tor Web Browser


As popular as it can be, Tor is one of the most reliable anonymizing applications out there. By default, users are safe to browse the web without limits using Tor. And with it, the Deep Web is somehow open to those who have the knowledge to venture there.

Tor recommends that users not install or enable Adobe's Flash plugin because it can reveal their identity. Such plugins are disabled by default because they establish their own connection for Flash-based content instead of using Tor's protocol. A plugin can connect directly to the server, so the identities of users running Flash in Tor can be revealed.
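As an added example (not from the original article), here is how a defender could check for the proxy bypass described above: the script audits constructed `ss -tnp` output and reports connections from browser or plugin processes that do not go to Tor's local SOCKS port. The process names, the port set and the sample lines are assumptions.

```python
import ipaddress
import re

# Assumption: Tor's SOCKS listener is on one of the usual loopback ports
# (9050 for the tor daemon, 9150 for Tor Browser).
TOR_SOCKS_PORTS = {9050, 9150}
# Assumption: process names to audit; "plugin-container" hosts browser plugins.
WATCHED = {"firefox", "plugin-container"}

# Constructed sample in `ss -tnp` layout (addresses are documentation ranges).
SAMPLE = """\
ESTAB 0 0 127.0.0.1:51234 127.0.0.1:9150 users:(("firefox",pid=2211,fd=88))
ESTAB 0 0 192.0.2.10:40112 203.0.113.7:443 users:(("tor",pid=2190,fd=12))
ESTAB 0 0 192.0.2.10:40388 203.0.113.50:1935 users:(("plugin-container",pid=2302,fd=31))
ESTAB 0 0 [::1]:51240 [::1]:9150 users:(("firefox",pid=2211,fd=90))
ESTAB 0 0 127.0.0.1:51300 127.0.0.1:8080 users:(("firefox",pid=2211,fd=93))
"""

def split_endpoint(endpoint):
    """Split 'host:port' or '[v6host]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def find_bypasses(ss_output):
    """Return (process, pid, peer_ip, peer_port) for watched-process
    connections whose peer is not a loopback Tor SOCKS port."""
    bypasses = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] != "ESTAB":
            continue  # header, listener, or line without process info
        owner = re.search(r'\(\("([^"]+)",pid=(\d+)', fields[5])
        if not owner or owner.group(1) not in WATCHED:
            continue  # the tor daemon itself is expected to reach relays
        addr, port = split_endpoint(fields[4])
        if addr.is_loopback and port in TOR_SOCKS_PORTS:
            continue  # traffic handed to Tor, as intended
        bypasses.append((owner.group(1), int(owner.group(2)), str(addr), port))
    return bypasses

if __name__ == "__main__":
    for name, pid, addr, port in find_bypasses(SAMPLE):
        print(f"NOT VIA TOR: {name} (pid {pid}) -> {addr}:{port}")
```

The plugin process's direct connection is the case the paragraph warns about; the loopback connection to a non-Tor port is reported as well so that it can be reviewed.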

With that in mind, the FBI exploited this vulnerability to transmit spyware to targeted victims through Flash-based content. When users view that Flash content, the FBI can track them down using NIT.

What the FBI did is run hidden Deep Web servers to serve explicit content as bait to catch unsuspecting pedophiles.

In the past, a similar strategy was carried out by a hacker who used TOX ransomware to target pedophiles. The hacker was able to infect around 1000 child predators using the method.