Unsealed court documents show that the Federal Bureau of Investigation (FBI) may have used malware to track TorMail users. The documents suggest that the FBI may have outstepped the scope of the warrant it obtained in 2013.

The findings have come into light after the American Civil Liberties Union (ACLU) pushed to make the case documents unsealed. The US Department of Justice (DOJ) released the redacted version of the documents related to the 2013 probe of website hosting network Freedom Hosting and TorMail.

Like Us on Facebook

The documents reveal that the FBI may also have hacked TorMail users. Christopher Soghoian, a principal technologist at the ACLU, told Motherboard in an email, "That is, while the warrant authorized hacking with a scalpel, the FBI delivered their malware to TorMail users with a grenade."

The investigation was meant to target child porn related miscreants. The FBI used Network Investigative Technique (NIT), which reveals the real IP address of the surfers visiting Freedom Hosting sites. The documents show that NIT was used on users of 23 different websites.

A recently unsealed affidavit states that the NIT was only meant to "investigate any user who logs into any of the TARGET ACCOUNTS by entering a username and password." However, various sources reveal that NIT was used even before the users logged into the service. ACLU's Soghoian added, "What remains unclear is if the court was ever told that the FBI had exceeded the scope of the warrant."

Soghoian also stated that the warrant returned by the FBI to the court does not acknowledge the delivery of malware to "innocent TorMail users." An FBI spokesperson, however, stated that the FBI does not "exceed the scope of those warrants."