Former Tor Project developer is making a living creating malware for FBI to unmask users of the anonymity software
A former Tor Project developer is making apparently making a living by creating malware for the Federal Bureau of Investigation (FBI) that allows agents to unmask users of Tor anonymity software. The developer, Matt Edman joined Tor Project as developer in 2008 when he was a student at the Baylor University.
Edman developed a killer malware called Torsploit, which is being used by the FBI to unmask Tor users. According to reports, FBI and other federal law enforcement agencies used the malware in several high profile cases to unmask the Tor users.
The Tor Project has announced that it came to its attention that Matt Edman, who worked with the Tor Project until 2009, subsequently was employed by a defence contractor working for the FBI to develop anti-Tor malware called ‘cornhusker’ aka torsploit.
Edman was only with Tor on the Vidalia project only for a year. In 2008 he joined and worked on Vidalia, a piece of software meant to make Tor easier for normal users by implementing a simple user interface. He was a graduate student then, pursuing a Ph.D. in computer science that he would obtain in 2011 from Rensselaer Polytechnic Institute.
Tor leadership stopped working on Vidalia in 2013, but by that time, Edman had already started working for the Mitre Corporation as a senior cyber-security engineer. Mitre Corporation, the entity that manages the Common Vulnerabilities and Exposures (CVE) database, is also a full-blown cyber-security and defense contractor, having an annual turnaround of nearly $1.5 billion, mostly from government contracts.
Edman was working at Mitre as a senior cybersecurity engineer assigned to the FBI’s Remote Operations Unit, the bureau’s little-known internal team tapped to build or buy custom hacks and malware for spying on potential criminals. Edman became an FBI contractor tasked with hacking Tor as part of Operation Torpedo, a sting against three Dark Net child pornography sites that used Tor to cloak their owners and patrons.
At Mitre, Edman worked closely with FBI Special Agent Steven A. Smith to customize, configure, test, and deploy malware he called “Cornhusker” to collect identifying information on Tor users. The malware is also known as Torsploit.
Cornhusker used a Flash application to deliver a user’s real Internet Protocol (IP) address to an FBI server outside the Tor network. The malware targeted the Flash inside the Tor Browser. The Tor Project has long warned against using Flash as unsafe but many people enough people made security mistakes and Operation Torpedo netted 19 convictions.
According to court documents, Cornhusker is no longer in use. Since then, newer FBI-funded malware has targeted a far wider scope of Tor users in the course of investigations.