The operation started after Dutch law enforcement compromised a hidden service called Pedoboard, and found it was physically located at a Nebraska web hosting company.
[1][2] The ensuing FBI investigation found that an employee, Aaron McGrath, was operating two child pornography sites at his work and one at his home.
After a year of surveillance, the FBI arrested McGrath and took control of his three sites (PedoBoard, PedoBook, TB2) for a two-week period starting in November 2012.
During this time the websites (onion services) were modified to serve up a NIT in what is termed a "watering hole attack", which would attempt to unmask visitors by revealing their IP address, operating system and web browser.
[4][5][6][7] An investigation by The Daily Dot claimed that the NIT was created by former part-time employee of The Tor Project and Vidalia developer Matthew Edman and was internally known as "Cornhusker".