Pedophile Caught in Homeland Security Operation Sentenced to Prison
According to an announcement from John Durham, the United States Attorney for the District of Connecticut, a district court judge sentenced a Connecticut, man to five years in prison for possessing hundreds of pictures and videos that depicted child abuse. The defendant, a 61-year-old from Shelton, Connecticut, named Michael Hull, had been downloading child abuse material on the darknet when federal agents identified identified him through an unknown means.
Hull is one of two suspects recently covered by DeepDotWeb that found themselves amidst a secretive Homeland Security Investigations operation into darknet child abuse sites. Given that the Homeland Security Investigations operation is an active an ongoing operation, the details revealed by the federal law enforcement agency have not provided any worthwhile insight into the operation or the operationâs scope. Now that convictions have started rolling in, more informative information will likely surface.
For now, we know that this investigation focuses on sites and individuals responsible for the dissemination of child abuse material on the darknet. In alignment with the dozens of child abuse operations that focused on specific actors or a specific site, one could reasonably conclude that the HSI operation had been targeting users of a single site. And more specifically, a site where the investigators have the ability to identify users hiding behind the Tor network. This could be as simple as posting links on darknet forums to content hosted on the clearnet sites that is more easily accessed outside of Tor (uploading content to âtrustedâ or âapprovedâ clearnet hosts is a fairly standard practice; leaving Tor is not).
Homeland Security Investigations could have gone the route of uploading infected media that identifies the downloader. They could have pulled a move similar to Dutch law enforcement in Operation Bayonet: swapping out a safe for for one that âcalls homeâ to LE servers. Users behind a VPN or Tor should still be safe in such a scenario. Another optionâand one that would call for more secrecyâis that Homeland Security Investigations carefully became the owners of a large child abuse site where they can employ dozens of attacks in an effort to identify users.
The truth is that until the information leaks or Homeland Security Investigations reveals the details of the operation, we will not know how they are capturing users. All we know is that they are actively doing so. And in May 2017, they did just that: they arrested Hull, a member of whatever site the agency had been investigating. Alongside Shelton Police officers, HSI agents raided Hullâs house in search of electronic devices that contained child abuse content. They pulled 16 electronic devices out of his house.
Forensic analysts 13 images and 126 videos on the devices they successfully accessed. US Attorney Durham announced that investigators failed to decrypt one of the man’s hard drives and two of the man’s tablets. They did not not need access to the encrypted devices to successfully convict the 61-year-old, though.
U.S. District Judge Stefan R. Underhill sentenced the man to five years in prison and five years of federal supervised release. Hull had pleaded guilty to a single count of possession of child pornography in 2018.