Feds Are Suspects in New Malware That Attacks Tor Anonymity
http://www.wired.com/threatlevel/2013/08/freedom-hosting/
Security researchers tonight are poring over a piece of malicious software that takes advantage of a Firefox security vulnerability to identify some users of the privacy-protecting Tor anonymity network.
The malware showed up Sunday morning on multiple websites hosted by the anonymous hosting company Freedom Hosting. That would normally be considered a blatantly criminal drive-by hack attack, but nobody's calling in the FBI this time. The FBI is the prime suspect.
"It just sends identifying information to some IP in Reston, Virginia," says reverse-engineer Vlad Tsyrklevich. "It's pretty clear that it's FBI or it's some other law enforcement agency that's U.S.-based."
If Tsyrklevich and other researchers are right, the code is likely the first sample captured in the wild of the FBI's "computer and internet protocol address verifier," or CIPAV, the law enforcement spyware first reported by WIRED in 2007.