Facebook security experts have teamed up with the FBI to locate a pedophile who has been following the social network for years. Eventually they were able to determine its location using a 0day in the video player installed on its operating system.
Defendant Buster Hernandez, arrested in August 2017, was using the distribution Tails Linux OS to remain anonymous while online, but according to a Vice report, he frequently visited Facebook in an attempt to blackmail underage girls to take nude photos and videos.
He also posted several threats of rape and terrorist attacks, but Facebook could not detect him because of the operating system he was using, which sent all the traffic through the TOR network.
The publication reveals that the FBI itself tried to break into the pedophile's computer several times, but failed due to security measures implemented by the Tails distribution. The social network finally managed to get in and work with a third party to develop an exploit (0day) in the video player that was in Tails.
An alleged victim then sent a video that was used to run the exploit, eventually helping the FBI determine Hernandez's IP address, locate him and arrest him.
H Vice he says also that Facebook never contacted Tails to report the security loophole, and in addition, it is unknown whether the FBI used the same exploit for other purposes. According to the publication, Facebook technicians have mixed feelings about whether the social network approach was the right one, while some say that the company did not have to pay to acquire the exploit. Still others believe that this was the only way to put an end to Hernandez's repeated threats to his victims.
Version 4.8 of Tails is scheduled for release on June 30th. At this time, we do not know if a patch has been released for this security vulnerability.