Man-in-the-Middle Angriffe auf Jabberuser via Tor

08 Mar 2016

During the last days our friends of discovered a man-in-the-middle-attack on jabberusers who connect to their favoured jabberserver through Tor.

The malicious Tor exit-nodes presented a fake(wrong) certificate to those users. This should result in a certificate warning on the client side. If you ignored this warning, may someone eavesdropped on your connection.

Those servers were victims of the attack:

As far as we know, users who connect through our Tor Hidden Service were not affected.

You can find more detailed information in immerda’s summary