Advertisement
Motherboard

Court Docs Confirm FBI's Child Porn Hack Was International

The FBI has so far declined to comment on whether it hacked computers outside of the US.

by Joseph Cox
May 17 2016, 10:00am

Image: Whatsername/Flickr

As part of an unprecedented law enforcement hacking operation, in early 2015 the FBI hacked over a thousand suspected US-based visitors of a dark web child pornography site called Playpen. Despite reports that the hacking campaign spread beyond US borders, so far the FBI has declined to comment on whether computers abroad were hit.

Recently unsealed court documents now confirm that the investigation targeted international suspects.

"Thousands of users of 'Website A,' in the United States and abroad, remain under active investigation," reads a government motion from 2015 that was unsealed last week. Website A refers to Playpen, which the FBI seized, and briefly ran, in February last year.

Once it had control of the site, the FBI deployed a network investigative technique (NIT)—a hacking tool—to identify users of the site when they clicked on certain child pornography-related threads.

The government motion, which addresses a protective order for discovery documents, comes from the case of Richard Stamper, who was arrested on suspicion of child pornography crimes.

"The disclosure of certain information, names and/or statements contained in said
documents may jeopardize multiple ongoing criminal investigations involving the sexual
exploitation of children, both on the national and international level," the document continues.

Although no specific countries are mentioned in the filing, media reports and documents from other agencies suggest the FBI hacked computers in Greece, Chile, and Denmark. According to a Europol presentation, the agency has generated 3,229 cases as part of the operation covering Playpen, and 34 of those were in Denmark. Motherboard also found potentially connected cases in the UK, Colombia, and Turkey.

Legal experts have raised issues with the FBI's hacking of overseas computers, particularly when their location is hidden by the Tor anonymity network. Because the agency can never really know where the machine on the receiving end of its malware is, using hacking tools on the dark web is "like playing Russian Roulette with cross-border cyber operations," Ahmed Ghappour, visiting assistant professor at UC Hastings College of Law, previously said.

The Department of Justice has tried to address this problem head-on with a series of changes to Rule 41 of the Federal Rules of Criminal Procedure, which regulate how judges can issue warrants for search and seizures. Under the changes, which were approved in April by the Supreme Court, magistrate judges could approve hacking operations outside of their own jurisdiction. Congress has until December 1 to debate the changes.

When asked to confirm whether the FBI hacked computers internationally as part of its investigation into Playpen, Justice Department spokesperson Peter Carr told Motherboard in an email, "We'll decline to comment outside of the filing at this time."

The FBI also declined to comment, and Europol did not respond.