Former HHS BigWig is Violent Pedophile

Sexually Violent Predator
Timothy DeFoggi

Former US cybersecurity director gets 25 years for online Child Abuse

by Lisa Vaas on January 12, 2015

The former acting director of cybersecurity for the US Department of Health and Human Services (HHS) has been sentenced to 25 years in federal prison over his activities on a child abuse image website that was hidden – but not particularly well – on the Deep Web and accessed via the Tor anonymity network.

Timothy DeFoggi, 56, was convicted on 26 August 2014 after a four-day jury trial in the state of Nebraska. The charges against him were: engaging in a child exploitation enterprise, conspiracy to advertise and distribute child pornography, and accessing a computer with intent to view child pornography.

In a Department of Justice release, Assistant Attorney General Leslie R. Caldwell was quoted as saying that DeFoggi used the same technology skills he employed at HHS to conduct his crimes: Using the same technological expertise he employed as Acting Director of Cyber Security at HHS, DeFoggi attempted to sexually exploit children and traffic in child pornography through an anonymous computer network of child predators.

In August, it came to light that the FBI had been silently installing drive-by spyware in its quest to identify and prosecute child abuse image traffickers hiding behind Tor.

The agency not only cracked an unsecured forum for child abuse images hidden on Tor; they then took over three offending sites and booby-trapped them with spyware.

The operation began with an investigation in the Netherlands in August 2011, where national police looking to crack down on the crime of child abuse imagery wrote a web crawler that prowled the Deep Web – which is the portion of World Wide Web content not indexed by standard search engines – siphoning off every Tor address it came across.

They methodically checked out all the hidden addresses the crawler pulled in, determining which were sites devoted to child abuse imagery.

If the sites had been hosted on the World Wide Web then the story would end there: the FBI could have identified the sites’ owners and locations quite easily. On the Dark Web those details are tucked away under the anonymizing routing layers of the Tor network.

But one of the sites, going by the stomach-churning moniker “Pedoboard”, had a good old-fashioned security problem – an administrator account with no password. The FBI walked through that open door and poked around until they found enough clues about the real location of the site to arrest its owner, Aaron McGrath, in November 2012.

They identified McGrath as the administrator of three websites that advertised and distributed child abuse imagery. McGrath was running sites out of the server farm where he worked in Nebraska, along with one server at his home. The agents didn’t shut the sites down. Rather, they baited them with malware and kept them running for three weeks.

Over the course of the investigation, the FBI identified 25 Tor users of child abuse imagery sites, from states all over the US. DeFoggi was the sixth man to be convicted as part of the ongoing investigation. McGrath was convicted in January 2014 and sentenced to 20 years in prison.

According to the Department of Justice (DOJ), users of the website advised each other on how to evade detection by law enforcement, including advice about the proper use of encryption software, techniques to hide or password-protect child image collections, and programs to remove data from a user’s computer.

Beyond sharing child abuse imagery, DeFoggi was also accused of plotting to rape and murder children.

From the DOJ’s statement:

Through the website, DeFoggi accessed child pornography, solicited child pornography from other members, and exchanged private messages with other members in which he expressed an interest in the violent rape and murder of children. DeFoggi suggested meeting one member in person to fulfill their mutual fantasies to violently rape and murder children.

Last week, Stu Dornan, DeFoggi’s lawyer, wrote to Ars Technica, saying that his client “will be appealing the conviction and sentence and steadfastly maintains his innocence.”



Stop Child Sex Abuse picture
It’s time to stop the Abuse of Our Children

Search terms “Jailbait chan” and “Jailbait imageboards” used

Last week, the imageboard site was brought offline for a sustained period of over five days due to a prolonged DDoS attack. On Monday, it returned only to go back offline for a much different reason: its domain had been seized.

Site founder Fredrick Brennan posted an e-mail on Monday that he says came from the site’s Bahamas-based registrar, The note explained that the domain had been put “on hold” due to “child abuse” content appearing on the site.

This followed a swell of complaint e-mails sent over the weekend to Cloudflare, the “pass-through” content delivery network that had been operating 8chan’s servers. Some users were upset over content posted on 8chan by its imageboard users and directed their complaints to Cloudflare. “Please take appropriate measures to stop your customer from abusing your services and enabling illegal content,” one complainant wrote after posting links to 11 8chan boards that contained underage “girls and boys shown in sexual poses.”

In accordance to Cloudflare’s abuse-report policy, the company responded to complaints by forwarding them back to 8chan’s administrative address—essentially telling an alleged offender who blew a whistle and how they did so. Brennan responded to those complaints by reposting them, complete with the complainants’ full names and e-mail addresses for 8chan and Twitter users to see.

As a result, the complainant quoted above, who used his real name and e-mail address when writing to Cloudflare, was subsequently “doxxed” by imageboard users, and his personal and private contact details were posted on 8chan-friendly boards.

As for the domain, it continues to be parked at “”.

Brennan stated that he has been unable to reclaim or transfer for the time being. He used his Twitter account to point out how the site currently redirected, for some users, to a splash site hosted by that contained apparently auto-generated search terms such as “Jailbait chan” and “Jailbait imageboards.” Those seemed to run contrary to the complaining reason for the takedown.

Additionally, Brennan said hadn’t pointed to any specific child-abuse content in its takedown notice. (Worth noting, this isn’t the first time has been scrutinized over how it reacted to user complaints.)

Just before Monday’s domain seizure, 8chan had come back online in a variety of limited and full flavors. Site founder Fredrick Brennan cobbled together alternate server options along with new imageboard links hosted by the site’s Japanese sibling It was at some of these new locales that the whistleblowers’ doxxing occurred.

Savvy users can still find those and other operational 8chan boards by typing an IP address directly. Our last report about 8chan’s DDoS-related outage detailed many of the enemies and detractors the site had accumulated since launching in 2013 as a less-regulated version of similar imageboard site 4chan.