We research. You level up.
Protect your devices, your data, and your privacy—at home or on the go.
“Thanks to the Malwarebytes MSP program, we have this high-quality product in our stack. It’s a great addition, and I have confidence that customers’ systems are protected.”
Featured Event: RSA 2021
Activate Malwarebytes Privacy on Windows device.
The wheels of justice have turned, if perhaps a bit slower than you may have expected. A Dublin resident, Eric Eoin Marques, has been sentenced to 27 years in federal prison. The reason is the frankly terrifying tally of child sexual abuse material (CSAM) he helped to distribute. Eoin helped to make no fewer than 8.5 million images of abuse available on the Dark Web. No fewer than 2 million of those images contained victims not previously known to those in law enforcement circles.
The main point of reference for these acts was something called “Freedom Hosting”. This website hosting service helped keep all of the illegal content online, and available for distribution. Law enforcement seized $155,000 from Marques, who stated that his business had been “very successful”.
How did the FBI, Interpol, and the Garda set about taking this nest of vipers down?
Freedom Hosting operated as a hidden service (a destination on the Dark Web), available to Tor users if they knew where to look for it. To prevent any confusion, as per the Tor blog:
The person, or persons, who run Freedom Hosting are in no way affiliated or connected to The Tor Project, Inc., the organization coordinating the development of the Tor software and research.
According to the investigation, “the hosting service contained over 200 child exploitation websites that housed millions of images of child exploitation material”. Essentially, they played host to the absolute worst of the worst.
Shortly after the FBI began seeking Eoin’s extradition in 2013, malware—later identified as EgotisticalGiraffe—was discovered on a number of Freedom Hosting sites. The malware exploited a bug in the Tor browser that revealed the IP addresses of visitors, defeating Tor’s anonymity protection, and allowing them to be located.
The FBI later revealed in court that it had taken control of Freedom Hosting in July 2013 and planted the malware to identify people looking for CSAM there.
Marques at this time was facing up to four charges, plus extradition to the US, which eventually happened in 2019. By the end of it all, he stood accused of creating and operating servers from 2008 to 2013. He pleaded guilty at the start of 2020, after a year-long investigation.
Things have now come to a conclusion, for him at least, and he won’t be out of prison for a very long time. Considering his initial admission of guilt came with a mandatory sentence of 15 years, he managed to end up with quite a few more added to the tally.
The combined efforts of law enforcement around the world have made a significant dent on this one operation. One suspects in real terms it’s a drop in the ocean with regards to numbers. Even so, this is a fantastic result:
More than 200 primary sites taken offline, along with “hundreds of other sites” sponsoring or facilitating the various activities; “The activities of tens of thousands of online pornographers disrupted”; over 4 million images / videos seized, and more than 100 unknown series of abuse uncovered; “dozens” of offenders identified and prosecuted throughout the world.
As for Marques himself, he apparently kept out of the limelight and “lived a quiet life”. He is also said to have been searching for information on Russian visas and passports, hoping to make extradition as tricky as possible.
We’re pleased to say this didn’t happen, and he’s proof positive that you can’t always hide from the long arm of the law.
SHARE THIS ARTICLE
ABOUT THE AUTHOR
Write for Labs
Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.
Imagine a world without malware. We do.
NEWS AND PRESS
© All Rights Reserved
Select your language
Your intro to everything relating to cyberthreats, and how to stop them.