Man-in-the-Middle Angriffe auf Jabberuser via Tor

08 Mar 2016

During the last days our friends of immerda.ch discovered a man-in-the-middle-attack on jabberusers who connect to their favoured jabberserver through Tor.

The malicious Tor exit-nodes presented a fake(wrong) certificate to those users. This should result in a certificate warning on the client side. If you ignored this warning, may someone eavesdropped on your connection.

Those servers were victims of the attack:

freifunk.im
jabber.ccc.de
jabber.systemli.org
jappix.org
jodo.im
pad7.de
swissjabber.ch
tigase.me

As far as we know, users who connect through our Tor Hidden Service were not affected.

You can find more detailed information in immerda’s summary