Home » Featured » Dark Web Child Porn Users Caught Using Clearnet File Sharing Service
Click Here To Hide Tor

Dark Web Child Porn Users Caught Using Clearnet File Sharing Service

Recent federal court documents show that multiple suspected board users of an unnamed DW child porn site have been reportedly ID’d by the United States Department of Homeland Security (DHS). However, unlike the world-wide bust of almost 1000 users of the once-popular DW site “Playpen”, a site which was temporarily run by DHS and FBI agents for a fews days before the arrests, Federal law enforcement didn’t accomplish this with exploits of the Tor protocol, or by a comprehensive hack. Instead, they found a workaround: users of the dark web site posted links to child pornography that was hosted on a file sharing service, so investigators obtained IP addresses from that host.

The child porn site in question is not revealed in the court filings; it is only mentioned as “Bulletin Board A”. In at least one of the transcripts, a federal investigator involved in the case went on record saying that the site had “at least 23,000 users.”

Federal law enforcement agents were given a break in the case when they noticed board users were posting links and files of child porn to the board, links and files that were hosted by the clearnet file sharing site “ziifile”. Ziifile makes users sign in with an account, a step which apparently many board users did on a regular browser. While this was convenient, as upload speeds of images and video over tor are notoriously poor, it proved to be one corner cut too close. Once authorities figured that out, all they had to do was subpoena ziifile for the IP addresses of the uploaders of the files, and anyone who used ziifile over the clearnet even once was unmasked. As mentioned by the state’s attorneys in the court papers, “the storage service provided, among other information, business records that contained the IP addresses connected to the downloading of the specific files.”

As reported by Joe Cox from Motherboard, at least three cases related to the DW board and ziifile have been found to exist. In December, David Skally, from Rhode Island, pleaded guilty to possessing child pornography; Jack Bean, Jr. from Massachusetts, pleaded guilty to similar offenses in February, and a third suspect, Larry Reece, from Virginia, was also identified by law enforcement. Reece has since had his charges dropped due to cited lack of evidence by his attorney.

Goes to show that even though Tor browsing can protect your identity, the browser can’t prevent users from outing themselves through careless mistakes. Although many of us are glad to see pedophiles reprimanded, this case should be a serious warning for anyone trying to share files securely over the dark web. As convenient as they are, clearnet sites like Dropbox or Google docs are not secure and dangerous to use to share sensitive content. Luckily, there’s a solution for Linux users that provides both relative speed and amazing security, although in exchange for a complicated configuration process and a clunky GUI. It’s an FTP daemon called vsFTPd, and you can find out more about it here.

The author of this article is donating his proceeds to the Ross William Ulbricht defense fund.

3 comments

  1. What can we do to help the fight against child enslavement?

  2. This is why I use TOR and Private Internet Access proxy. Have two running at all times and my proxy is always on. I can not access the internet unless the proxy is working

  3. What I wonder is if the way they caught them was due to the fact they accessed the original board via tor but went to their regular stwndard browser to download the ziifile files or upload them thst way. Couldnt they have still clicked on the ziifile links or used the service frk. a tor browser or a standard vpn or proxy? I mean a vpn or proxy is usually much faster and not much of a hassle to turn on especially with free services available on mobile devices and all. if they were sophisticated enough to use tor in thr first place why wiuld they switch to their regular apbrowser with not even a fpn to access the actual files?

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *