Feeds

Anonymous shuts down hidden child abuse hub

Tor paedos torpedoed, names outed

Recommendations for simplifying OS migration

Members of hacktivist collective Anonymous are claiming credit for shutting down a deep underground child abuse site and outing its membership list.

Account details of 1,589 members of Lolita City were posted as part of Anonymous’ Operation Darknet, a wider effort aimed against abuse of the Tor network by paedophiles. Lolita City, said to be hosted by Freedom Hosting, alone housed more than 100GB of child pornography, according to a statement by Anonymous.

As well as providing anonymisation, the Tor network supports a private “dark” top-level domain, .onion. Sites on the "hidden" domain were only visible to Tor users or through Tor gateways, such as tor2web.org. Although some services, such as anything that uses UDP, are blocked, .onion sites are by no means immune to hacking - as the attack by Anonymous illustrates.

Anonymous members discovered links to child abuse images in a section called Hard Candy on a .onion site called The Hidden Wiki. Anonymous removed the links, which were reposted by a site administrator. After noticing that "95 per cent of the child pornography listed on the Hidden Wiki shared a digital fingerprint with the shared hosting server at Freedom Hosting", the hacktivists issued a series of ultimatums, which were ignored.

Anonymous then began a series of denial-of-service attacks aimed at Freedom Hosting, and most particularly Lolita City. The user database of the site was extracted using a SQL injection attack, ars technica reports.

The Tor network is widely used by human rights activists and often used as a means to get around government-applied censorship controls, such as the Great Firewall of China. The service is also used to exchange pirated content or by paedophiles.

Tor activist Jacob Applebaum welcomed Anonymous' action: "Anonymous pwned a bunch of pedos; huzzah," he said via his ioerror Twitter account.

Security experts were more cautious: Sophos, for example, argues against such vigilante actions. "Their intentions may have been good, but take-downs of illegal websites and sharing networks should be done by the authorities, not internet vigilantes," writes Graham Cluley of Sophos.

"When 'amateurs' attack there is always the risk that they are compromising an existing investigation, preventing the police from gathering the necessary evidence they require for a successful prosecution, or making it difficult to argue that evidence has not been corrupted by hackers." ®

Boost IT visibility and business value

More from The Register

next story
Trying to sell your house? It'd better have KILLER mobile coverage
More NB than transport links to next-gen buyers - study
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
Samsung Z Tizen OS mobe is post-phoned – this time for good?
Russian launch for Sammy's non-droid knocked back
Speak your brains on SIGNAL-FREE mobile comms
Readers chat to the pair who flog the tech
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?