Project X: FBI Tries to Hack Tor
Hacking Team, the online surveillance company that provided spyware tools to the governments of Egypt, Ethiopia, and the United Arab Emirates, as well as the FBI and DEA, recently bragged about tracking users of the Tor browser bundle who surf the Darknet. Back in June, Hacking Team’s CEO David Vincenzetti stated, “The Darknet can be totally neutralized/decrypted…the right technology to accomplish this exists, the right technology to fight terrorists in cyberspace exists.”
A month later Hacking Team was hacked and 400 GB of their internal documentation was released on the internet. Among the documentation, as reported by The Intercept, was an exchange with an FBI contractor: "In July of 2012, FBI contractor Pradeep Lal contacted the customer support department of the Italian company Hacking Team…he had used Hacking Team software to break into and monitor an investigative target’s computer, but the monitoring wasn’t working as well as Lal expected. It reported what addresses his target visited in normal web browsers, but not when his target used Tor Browser."
ZDNet reports that in September 2014, “An FBI agent asked the Milan-based firm if the latest version of its scout Remote Control System (RCS) -- otherwise known as Galileo -- could help the law enforcement agency track down a Tor user.” The response was that the user would already have to be infected with Hacking Team’s “scout” spyware to be tracked successfully.
Further details of Hacking Team’s efforts to infiltrate the Tor Browser and Darknet appear in a series of leaked slides called Project X. The system would target a specific user, infect their computer through a regular web browsing session and then re-route the target’s internet traffic before it enters the anonymous network. Typically the Tor Browser will route the user’s traffic to a random server located in a different country, but Project X would route the traffic to a server controlled by Hacking Team and monitor all traffic before it becomes encrypted.
It is interesting to note that the user would have to be targeted in the first place, indicating that mass surveillance is not a possibility for the Tor network as of this time. Additionally, the user would have to browse the internet without the Tor Browser to be infected with one of Hacking Team’s exploits, after which the operators would have to install tracking hardware on the user’s local network, making this potential operation both costly and time-consuming.