FBI has access to all accounts of anonymous webmail service TorMail

Last year, the FBI got hold of the entire mail database of the anonymous webmail service TorMail when it seized a server of hosting service Freedom Hosting. After the seizure, the sites hosted there started serving malware.

Access to the mail accounts is evidenced by court documents relating to a case against a Florida man who took orders for counterfeit credit cards at ‘[email protected]’. The FBI received a search warrant for the account and, according to the documents, was able to access it via its own copy of “data and information from the TorMail server,” Wired writes.

The server was located in France, but the FBI got hold of it during an investigation into another case, after a request to that effect from the French government. That case related to child pornography that is said to be on sites at the French Freedom Hosting service. TorMail rented server space from Freedom Hosting.

According to the FBI, the seizure took place between July 22 and August 2, 2013. On August 4, a malware rollout began through Freedom Hosting’s sites, including TorMail. That malware used a vulnerability in Firefox to de-anonymize users with outdated versions of the Tor Browser Bundle. It has not been proven that the FBI is behind the rollout, but according to Wired, the method is in line with the agency’s previous Network Investigative Techniques.

The administrator of the now-defunct drug network Silk Road, Dread Pirate Roberts, has already warned users that they should assume that their mail can be read. According to him, many Silk Road users emailed through the anonymous webmail service. The FBI claims that many criminals used TorMail to hide from law enforcement “because it allowed users to hide their real identities and geographic location.”