MALWARE ATTACK

Freedom Hosting Takedown

August 2013 10 min read

Freedom Hosting was the largest Tor hidden service hosting provider until its takedown in August 2013. The FBI exploited a Firefox vulnerability to deploy malware that identified users, marking the first known government use of browser exploits against Tor users at scale.

The Malware Attack

On August 4, 2013, sites hosted on Freedom Hosting began serving a malicious JavaScript payload that:

  • Exploited a Firefox 17 vulnerability
  • Collected user's real IP address and MAC address
  • Sent data to a Virginia IP (later linked to FBI)
  • Affected all Freedom Hosting-hosted sites

Eric Eoin Marques

Irish citizen Eric Marques was arrested in Dublin and described by the FBI as "the largest facilitator of child abuse on the planet." He was eventually extradited to the US and sentenced in 2021.

Impact

  • First confirmed FBI browser exploit against Tor users
  • Demonstrated JavaScript dangers on Tor
  • Led to Tor Browser disabling JavaScript by default for high security
  • Sparked debate about government hacking powers

Educational Purpose Only

DarkWiki is a research and educational resource. We do not promote, facilitate, or encourage any illegal activities. All information is provided for academic, journalistic, and cybersecurity research purposes only. Historical onion addresses shown are no longer active and are included solely for historical documentation.