Former Tor Developer Helped the FBI by Creating Malware to Go After Tor Users
Matthew Edman, a former core developer on the Tor Project, helped the FBI after leaving the non-profit by creating the Torsploit malware, which was used to deanonymize users of the Tor network, the Daily Dot reported yesterday.
Edman joined the Tor Project in 2008 while a student at Baylor University. He was assigned to work on Vidalia, a now-defunct project that provided a simple GUI for deploying and managing Tor connections on a user's computer.
Tor leadership stopped working on Vidalia in 2013, but by that time, Edman had already started working for the Mitre Corporation as a senior cyber-security engineer.
Unknown to many is the fact that the Mitre Corporation, the entity that manages the Common Vulnerabilities and Exposures (CVE) database, is also a full-blown cyber-security and defense contractor, with an annual turnover of nearly $1.5 billion, mostly from government contracts.
Edman created the Torsploit malware
During this time, Edman created the Torsploit malware (also known as Cornhusker) in collaboration with several FBI agents.
The FBI used this malware in the infamous Operation Torpedo sting, during which it deployed Torsploit on a Dark Web child pornography portal.
FBI agents packed Edman’s malware inside a Flash file placed on the site. If users accessing the site had Flash enabled in their Tor Browser, the malware would detect the user’s real IP address, and send it to FBI servers along with a timestamp.
The FBI used this information to deanonymize 25 suspects and has so far convicted 19 of them. Since then, the FBI has moved on to using other malware, and many even suspect that the FBI is secretly using an exploit in the Tor Browser itself, one that could also work in Firefox browsers.
The FBI “lost” the Torsploit source code
Controversy ensued when one of the Dark Web suspects wanted his lawyers and technical experts to have a look at Torsploit so they could validate its mode of operation and accuracy.
The FBI’s answer was similar to a fourth grader saying the dog ate his homework. FBI officials simply stated that they’ve lost the source code.
Edman’s collaboration with the FBI continued, and he’s been credited with helping the Bureau bring down the Silk Road marketplace, where he is said to have had a key role, especially in tracking down Ross Ulbricht’s Dark Web and Bitcoin transactions.
In the past few years, Edman joined Bloomberg, then FTI Consulting, and is now a key executive at the Berkeley Research Group, where he works alongside three former FBI agents and a former federal prosecutor, all of whom worked on the Silk Road case as well.