FBI masqueraded the NIT in a video-bait to unmask sextortionist on Tor

Pierluigi Paganini August 09, 2017

The FBI used a NIT involving a specially crafted video file to unmask a sextortionist that via Tor was threatening youngsters.

The FBI has used once again the network investigative technique (NIT) for unmasking Tor users, this time the feds used it to arrest a suspected sextortionist. The man is accused of having tricked young girls into sharing nude pics of themselves and then blackmailed them.

The network investigative technique (NIT) was used in the past to unmask Tor user, it allows feds to gather suspects’ real IP address, the MAC address and other pieces of information and sent them to the FBI servers.

The FBI used a NIT involving a specially crafted video file that once opened causes the media player to contact an FBI-controlled server leaking the above information that can be used to identify the suspect’s ISP and, with a subpoena, the subscriber’s identity.

Using this technique, the FBI arrested Buster Hernandez, 26, who was charged with multiple counts of sexual exploitation of a child, threats to use an explosive device, and threats to injure. The man was using Facebook to lure the young victims and extort them to send him pictures of themselves naked.

“Terrorizing young victims through the use of social media and hiding behind the anonymity of the Internet will not be tolerated by this office,” said US Attorney Josh Minkler. “Those who think they can outwit law enforcement and are above being caught should think again. Mr Hernandez’s reign of terror is over.”


The man was using the name “Brian Kil” while he was sending messages to blackmail the victims threatening them to reveal compromising pictures.  With this technique, he was asking more images to the young victims.

“When Victim 1 refused to provide additional images as demanded, Hernandez is alleged to have made physical threats to Victim 1, stating “I am coming for you. I will slaughter your entire class and save you for last.” He further made threats to law enforcement saying, “I will add a dozen dead police to my tally…Try me pigs, I will finish you off as well.” continues the US Attorney.

The FBI was involved in the investigation in December 2015, when it received FBI the request of help by the Brownsburg police, Indiana, where two of the victims lived. The police were not able to identify the man because he was using Tor.

The threats caused two schools to be closed for an entire day.

Hernandez is suspected to have “sextorted” a number of victims in at least 10 federal districts.

“This was a unique and complex investigation that highlights the tenacity, perseverance, expertise and dedication of the FBI Indianapolis’ Crimes Against Children Task Force and was a top priority. Innovative techniques were utilized, solutions to roadblocks created and partnerships with key private sector partners were developed,” said W. Jay Abbott, Special Agent in Charge of the FBI’s Indianapolis Division. “I stood in front of concerned parents and community members and told them we would find the person who had been victimizing these young girls and, with the tireless work of our agents and partners, we never gave up.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Network investigative technique (NIT), FBI)

[adrotate banner=”13″]

you might also like

leave a comment