- Facebook helped the FBI nab a child predator who kept getting away for many years.
- Facebook reportedly paid the third-party company in six figures to get hold of the predatorís IP address.
- Facebook spokesperson has said it only hacked into the predatorís account after no other options were left.
Facebook worked with a third-party company to nab a child-abuser and handed him over to the FBI. The predator was a California-based man, Buster Hernandez whose online name was Brian Kil. He exploited young girls for years and forced them to send sexually explicit photos through Facebook, email, and other chat apps. He also threatened to kill them or blow up their schools, Motherboard reported.
The FBI had attempted catching Hernandez who is termed as the "worst criminal" on Facebook. But the FBI's hacking system could not get through Hernandez. Hernandez noticed the attempt and mocked the FBI about it.
"You thought the police would find me by now, but they didn't. they have no clue. The police are useless," he wrote. "Everyone please pray for the FBI, they are never solving this case lmao I'm above the law and always will be," Motherboard quoted Hernandez.
Alex Stamos, who is now part of the Zoom's security team headed Facebook's security back then (2017) and decided to lend a hand to catch hold of the criminal.
The tool used by the third-party cyber-security was a zero-day exploit in the privacy-focused operating system Tails. Facebook paid in six figures to get hold of the predator's IP address. The tool automatically routed all of a user's internet traffic through the Tor anonymity network, to unmask Hernandez's real IP address, which led to his arrest, the report stated.
Facebook reportedly assigned a dedicated employee to track the criminal for around two years and developed a new machine learning system designed to detect users creating new accounts and reaching out to kids in an attempt to exploit them.
Hernandez used Tails, a secure operating system that runs the anonymizing software Tor and is designed to encrypt and push all of a user's traffic through the network by default. This helps the user hide their real IP address.
This tool is also widely used by journalists and activists who are under threat of being surveilled by the police.
A Tails' spokesperson told Motherboard that the OS is used by 30,000 activists, journalists, domestic violence survivors, and privacy-concerned citizens daily.
Facebook has said that it does not specialize in developing hacking exploits and did not want to set the expectation with law enforcement that this is something it would do regularly. The hacking tool itself is controversial since it lets Facebook track the IP address of its own users. According to a Facebook spokesperson, it took this step only after exhausting all options.