One interpretation of this article is that FBI (or contractors) has non-public, zero-day, or old-but-unpatched vulnerabilities which it is using against client machines to collect information. We assume that only misconfigured machines are vulnerable.
A benefit of this knowledge is that it may be possible collect these exploits with a REVERSE honeypot. Simply use a MORE secure browser (Tails in Tails + non-extradition origin + Tor Browser). Then spider the Dark Web but make sure your spider DOES follow post requests and do data fuzzing. This is the most likely to register as an intelligence target.
You could determine a successful exploit occurred if: the outer Tails or the inner Tails (virtualization) sent any traffic to the network. Normal non-exploited behavior would be that all traffic (spidering) would occur only with the innermost Tor Browser connection. So this would require three levels of "wire level" logging. As soon as you detect exploited behavior, stop everything, publish the logs and then act like Gene Hackman in Enemy of the State.
Of course this can all be done without any human interaction with unsavory websites, it can be legal based on origin location and it can arbitrarily secured against detection. Older versions of Tor Browser and known exploits could be used to validate this system. Sorry, this probably belonged as a blog post or a GitHub new repo first commit!