You are on page 1of 1


and European law enforcement agencies Friday announced the largest strike ever against the
Internets black markets, shutting down more than 400 sites and arresting 17 people for allegedly
selling drugs, weapons and illegal services to anonymous buyers worldwide.
Government evidence showed the shuttered sites were offering a remarkable variety of illicit
goods, including cocaine, counterfeit money and explosives.
Many people thought this trade was beyond the reach of police because the sites were accessible
only through Tor, a service created by the U.S. government that directs Internet traffic through a
succession of routers to hide the identities of users and the locations of servers. The ability of
investigators to unmask the alleged operators of Tor sites shook the foundations on those who use
the service for more legitimate purposes, such as political activists, journalists and diplomats.
Several experts suggested that Tors ability to protect users and the locations of servers may have
been compromised on a mass scale by sophisticated technological tools used by a coalition of
Western law enforcement agencies that has been targeting what is often called The Dark Web.
The strike on the Dark Web code named Operation Onymous, a word meaning the opposite
of anonymous began Wednesday and the action spread internationally Thursday and Friday as
authorities in the United States and 16 European nations shut down 410 sites that were reachable
through Tor and allowed anonymous transactions, typically using virtual currencies, such as
bitcoin, that were difficult for police to track.
The sites, with names such as Hackintosh and Pablo Escobar Drug Store, were found in
England, Germany, France, Bulgaria, Spain and Switzerland, among other nations, according to
Europol, the European Unions law enforcement agency.
Tor a name that began as an acronym for The Onion Router because it wrapped Internet
traffic in protective layers of encryption to hide a users identity was developed by the U.S.
Naval Research Laboratory and is run by a nonprofit group that receives State Department
It is popular among privacy activists despite its limitations. A planned talk at a security conference
this summer, was intended to reveal ways that attackers could identify Tor users a process
called de-anonymization. The talk was abruptly canceled, raising suspicions that the techniques
were unexpectedly sensitive.
That incident generated considerable discussion in the online privacy and security community
Friday as news of the crackdown spread. Yet many experts said the takedown may have been
unrelated to the de-anonymization techniques because there are numerous ways to potentially
target illegal sites on Tor.
The investigation took at least two years, said individuals familiar with the matter. The actual
takedown of the illicit sites was highly coordinated and took place within one hour.
Experts said there were several possible avenues of attack, including using an undisclosed flaw
typically called a zero-day to gain access to computers on the Tor network.
The National Security Agency has put considerable energy into penetrating Tor, based on topsecret documents provided by former NSA contractor Edward Snowden.
The FBI and its European partners declined to explain how their operation worked, fueling the