Leaked Documents Indicate FBI Spied On Every TorMail User in 2013

A lot of important news hardly ever gets picked up by mainstream media these days. About a week ago, several documents were leaked indicating how the FBI received permission to hack several hundred TorMail users. Despite having a warrant for 300 individual users, it looks like the law enforcement agency once again overstepped its boundaries. It is possible that every Tormail user has been spied on during this investigation.

The FBI Struggles To Follow Precise Orders

Any story related to breaches of privacy somehow seems to involve either the FBI or other law enforcement agencies. Anonymous services, such as TorMail, attract a lot of criminal attention. But there are also legitimate users who want a private email account where they store sensitive and personal communication. That doesn’t make them criminals by any stretch of the imagination.

Keeping that in mind, the original warrant issued allowed the FBI to snoop on 300 TorMail users. Every individual user on that list was suspected of online or other crime in some form. Spying on these users required some kind of malware to be deployed,  which was done through the Freedom Hosting service. Freedom Hosting hosted darknet websites, as well as TorMail back in 2013.

Through the FBI’s Network Investigative Technique, law enforcement agents could reveal real IP addresses of TorMail users. Official documents indicate that roughly 300 users were under investigation. That does not explain, however, why the FBI decided to deploy their NIT malware toolkit before even showing the TorMail login page. If all they were after were these 300-ish users, they could have taken far less invasive measures.




By deploying malware before even showing the login page, it is impossible for the FBI to distinguish between their original targets and innocent TorMail users. This seems to indicate that the FBI overstepped their warrant boundaries by miles, and captured sensitive login details from unsuspecting users who were not part of the investigation.

ACLU’S Principal Technologist Christopher Soghoian told the media:

“The warrant that the FBI returned to the court makes no mention of the fact that the FBI ended their operation early because they were discovered by the security community, nor does it acknowledge that the government delivered their malware to innocent TorMail users. This strongly suggests that the FBI kept the court in the dark about the extent to which they botched the TorMail operation.”

It has become evident that the FBI is not taking the letter of the law to heart when it comes to deep web investigations. The TorMail incident, their PlayPen investigation, and the involvement in shutting down Silk Road are just a few examples.  Sooner or later they will need to be brought to justice for invading user privacy, using illegal malware infiltration techniques, and overstepping their legal boundaries.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.