Security experts at Facebook worked with the FBI to locate a pedophile who had been following the social network for years. Eventually they were able to determine its location using a 0day in the video player installed on its operating system.
Defendant Buster Hernandez, arrested in August 2017, was using the distribution Tails Linux OS to remain anonymous while connected to the Internet, but according to a Vice report, he frequently visited Facebook in an attempt to blackmail underage girls to take nude photos and videos.
He also posted several threats of rape and terrorist attacks, but Facebook could not locate him due to the operating system he was using which was sending all the traffic through the TOR network.
The publication reveals that the FBI itself tried to break into the pedophile's computer several times, but failed due to security measures implemented by the distribution Tails. The social network finally managed to get in and work with a third party to develop an exploit (0day) in the video player that existed in Tails.
An alleged victim then sent a video that was used to run the exploit, eventually helping the FBI determine Hernandez's IP address, locate him and arrest him.
H Vice reports also that the Facebook never contacted her Tails to report the security loophole, and in addition, it is unknown whether the FBI used the same exploit on other targets. According to the publication, his technicians Facebook have mixed feelings about whether the social network approach was the right one, while some say the company did not have to pay to acquire the exploit. Still others believe that this was the only way to put an end to Hernandez's repeated threats to his victims.
Version 4.8 of Tails is scheduled for release on June 30th. At this time, we do not know if a patch has been released for this security vulnerability.