FYI.

This story is over 5 years old.

Tech

A Dark Web Child Porn Site Is Forcing Its Visitors to Learn Security Tips

Dark web child abusers are constantly looking for more ways to keep themselves, and others, secure.

Law enforcement are constantly hunting dark web child pornographers. Whether cops are going undercover to learn more about suspects, or deploying hacking tools to unmask them on a mass scale, each side is always trying to stay one step ahead of the other.

Apparently in response to law enforcement's use of malware, one dark web child pornography site recently started redirecting visitors to a page with additional security advice if their browser runs JavaScript.

Advertisement

"At [child pornography site] we have always had a big JavaScript warning if you have it enabled," one user on a dark web child abuse site wrote in December of last year. Motherboard has decided to not name the site.

JavaScript is sometimes used as a delivery mechanism for a browser exploit; meaning that if users turn it on, they may make themselves vulnerable to attack, which could ultimately reveal their identity.

But this site doesn't just warn people about the dangers of JavaScript. It goes a step further, and if visitors have Javascript enabled, it redirects them to this page on the Tails website which provides extra information about using the Tor Browser securely. Tails is an operating system that routes all of a user's traffic through the Tor anonymity network, and is designed to not leave any forensic traces on the host machine.

The dark web child pornography site also blocks connections from Tor2Web gateways, which are proxies that people can use to access dark web sites without the protection of the Tor network. The site also allegedly stops people accessing it via mobile phone browsers.

"If [child pornography site] ever stops warning about JavaScript, redirecting or blocking non-official & outdated browsers, then you will know something is wrong," the post continues. (Motherboard did not access the child pornography site).

In November, an unknown party used JavaScript to deploy a Tor Browser exploit against visitors of a dark web child pornography site called Giftbox Exchange. Government contractor Exodus Intelligence sold that same exploit to a law enforcement agency last year, sources told Motherboard.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.