The United States Federal Bureau of Investigation (FBI) is infecting the computers of crime suspects with malware on a large scale to beat encrypted communications, a court case has revealed.
First reported by Wired's Threat Level, the FBI's tactics came to light in court documents in a recent case against child pornographers who used The Onion Router (TOR) anonymising network to hide their activities.
The malware was deployed by the FBI two years ago as part of the global Operation Torpedo against illegal child exploitation online, and disseminated through a TOR site under the agency's control.
In search warrants signed by a federal magistrate, the FBI referred to the malware as a Network Investigation Tool or NIT. The software used by the bureau was custom coded to only identify computers, collecting the Internet Protocol addresses, Media Access Control identifiers and Microsoft Windows operating system hostnames of visitors to the TOR site.
According to Wired, the FBI has also deployed the NIT against an Irish provider of hidden services on TOR. The malware was analysed by security researchers last year, but the deployment has so far not been acknowledged by the FBI.
The use of malware by law enforcement is deemed controversial by privacy advocates, who fear it may also be deployed outside clear-cut criminal cases to spy on innocent individuals for political purposes.
Reports from Europe suggest police forces are using commercial malware such as Gamma Group's FinFisher and also developing their own surveillance applications. FinFisher has been used by repressive regimes to target political opponents, some of whom have filed a criminal complaint against the malware developer.
FinFisher is thought to be in use by the Australian Federal Police, which last year declined a Freedom of Information request related to FinFisher materials.