Feeds

Anonymous shuts down hidden child abuse hub

Tor paedos torpedoed, names outed

Choosing a cloud hosting partner with confidence

Members of hacktivist collective Anonymous are claiming credit for shutting down a deep underground child abuse site and outing its membership list.

Account details of 1,589 members of Lolita City were posted as part of Anonymous’ Operation Darknet, a wider effort aimed against abuse of the Tor network by paedophiles. Lolita City, said to be hosted by Freedom Hosting, alone housed more than 100GB of child pornography, according to a statement by Anonymous.

As well as providing anonymisation, the Tor network supports a private “dark” top-level domain, .onion. Sites on the "hidden" domain were only visible to Tor users or through Tor gateways, such as tor2web.org. Although some services, such as anything that uses UDP, are blocked, .onion sites are by no means immune to hacking - as the attack by Anonymous illustrates.

Anonymous members discovered links to child abuse images in a section called Hard Candy on a .onion site called The Hidden Wiki. Anonymous removed the links, which were reposted by a site administrator. After noticing that "95 per cent of the child pornography listed on the Hidden Wiki shared a digital fingerprint with the shared hosting server at Freedom Hosting", the hacktivists issued a series of ultimatums, which were ignored.

Anonymous then began a series of denial-of-service attacks aimed at Freedom Hosting, and most particularly Lolita City. The user database of the site was extracted using a SQL injection attack, ars technica reports.

The Tor network is widely used by human rights activists and often used as a means to get around government-applied censorship controls, such as the Great Firewall of China. The service is also used to exchange pirated content or by paedophiles.

Tor activist Jacob Applebaum welcomed Anonymous' action: "Anonymous pwned a bunch of pedos; huzzah," he said via his ioerror Twitter account.

Security experts were more cautious: Sophos, for example, argues against such vigilante actions. "Their intentions may have been good, but take-downs of illegal websites and sharing networks should be done by the authorities, not internet vigilantes," writes Graham Cluley of Sophos.

"When 'amateurs' attack there is always the risk that they are compromising an existing investigation, preventing the police from gathering the necessary evidence they require for a successful prosecution, or making it difficult to argue that evidence has not been corrupted by hackers." ®

Remote control for virtualized desktops

Whitepapers

Seattle children’s accelerates Citrix login times by 500% with cross-tier insight
Seattle Children’s is a leading research hospital with a large and growing Citrix XenDesktop deployment. See how they used ExtraHop to accelerate launch times.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Business security measures using SSL
Examines the major types of threats to information security that businesses face today and the techniques for mitigating those threats.