- The Federal Bureau of Investigation arrested a predator of young children after Facebook had someone create a zero-day exploit to locate him.
- The man was using the Tails operating system, which deploys the Tor anonymity network and encrypts all network traffic.
- The FBI may have used the exploit to target more Tails users, but for now, they remain silent.
According to a Motherboard report, Facebook engaged in an unprecedented hunt to help the FBI identify and locate a California resident named Buster Hernandez. Going by the username “Brian Kil,” the man systematically harassed and terrorized young girls, and extorted them for nude pictures and videos, even threatening the children with rape and murder. More specifically, the sick man threatened to launch mass shootings and bombings on his targets’ schools unless they sent him the explicit material he requested. In many cases where the victim was overwhelmed by the extortion, the atrocious person delivered threats of posting their nude photos on any memorial webpages that will be set up for them.
Facebook received multiple reports about the man’s behavior on the platform, but he remained diligent in hiding his online tracks, so it was impossible to find out his identity. This was when the FBI stepped in to help, but they too failed to hack the target. This left Facebook with no other option than to pay a cybersecurity firm to develop a zero-day exploit for Tails, which was the operating system that Hernandez used. The amount Facebook paid for this purpose hasn’t been disclosed, but it’s a six-figure one. The harassment ended in 2017 when Hernandez was located and arrested after the FBI utilized the backdoor that Facebook ordered and paid for.
Tails developers remain in the dark to this day (court documents just released) as to what flaw was used in this case. Moreover, it is worrying that the FBI held such a valuable tool that could unlock the otherwise secure system used by thousands of activists, journalists, domestic violence survivors, and people who value their privacy in general. Reportedly, the exploit targeted a flaw in the Tails’ video player, resulting in the revealing of the user’s real IP address when they tried to playback media on it. According to Facebook, the exploited code has been removed in more recent versions of Tails, although this cannot be confirmed with certainty yet.
Facebook responded to the objections by saying that this was an extraordinary case of abuse on their platform and that this was the only time they cooperated with the FBI to target someone. They felt the responsibility to protect these children and invested a lot of money and time in the case. The FBI chose not to provide any comments on this case since it is still ongoing. Whether or not the FBI used the exploit against other Tails users for other cases remains a question.