BTC $103545.9797
ETH $2364.5348
XRP $2.3341
BNB $630.5817
SOL $164.8692
DOGE $0.2053
ADA $0.7903
TRX $0.2562
stETH $2359.8328
WBTC $103727.2546
SUI $3.9748
LINK $16.0689
wstETH $2838.0616
AVAX $22.9654
XLM $0.2969
USDS $0.9997
HBAR $0.1995
HYPE $24.9229
LEO $8.8580
TON $3.2750
BCH $419.5794
LTC $97.6657
DOT $4.5899
WETH $2363.8689
XMR $302.3494
BTCB $103601.7945
BGB $4.5281
PI $0.7528
weETH $2521.3255
BSC-USD $0.9992
PEPE $0.0000
USDE $0.9989
WBT $30.3306
TAO $442.3062
UNI $6.4703
APT $5.6708
NEAR $2.8761
CBBTC $103451.5098
OKB $54.4973
DAI $0.9969
AAVE $212.2408
ONDO $1.0206
ETC $19.1819
CRO $0.1000
ICP $5.3596
TRUMP $13.9021
KAS $0.1057
BTC $103545.9797
ETH $2364.5348
XRP $2.3341
BNB $630.5817
SOL $164.8692
DOGE $0.2053
ADA $0.7903
TRX $0.2562
stETH $2359.8328
WBTC $103727.2546
SUI $3.9748
LINK $16.0689
wstETH $2838.0616
AVAX $22.9654
XLM $0.2969
USDS $0.9997
HBAR $0.1995
HYPE $24.9229
LEO $8.8580
TON $3.2750
BCH $419.5794
LTC $97.6657
DOT $4.5899
WETH $2363.8689
XMR $302.3494
BTCB $103601.7945
BGB $4.5281
PI $0.7528
weETH $2521.3255
BSC-USD $0.9992
PEPE $0.0000
USDE $0.9989
WBT $30.3306
TAO $442.3062
UNI $6.4703
APT $5.6708
NEAR $2.8761
CBBTC $103451.5098
OKB $54.4973
DAI $0.9969
AAVE $212.2408
ONDO $1.0206
ETC $19.1819
CRO $0.1000
ICP $5.3596
TRUMP $13.9021
KAS $0.1057
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • They have been listening in on the encrypted traffic on the Jabber network for a few months now.

    Information about the breach and what needs to be done to stop it.

    Hetzner and Linode in Germany host the project server and the VPS environments that help it run. On October 20, 2023, an attack was made on the "Man in the Middle" servers that run the jabber.ru service (also called xmpp.ru). The attack was aimed at the XMPP (Jabber) encrypted intercepting protocol of the TLS connections. They changed the TLS certificate on a transit node and sent traffic to it in order to get into XMPP connections that used the STARTTLS extension.

    A unique SSL certificate was used to set up a proxy connection to TCP:5222 by attackers who haven't been caught yet. It was easy for us to find the attack because the bad guys messed up and didn't update the TLS certificate. The user who runs jabber.ru couldn't connect to the service because the certificate had run out.

    On April 18, 2023, the fake TLS certificate was bought from the Let's Encrypt service. Chats on jabber.ru and xmpp.ru can be read by bad people. At first, people were worried that someone would break into the project server, but there was no proof of this in the audit.

    The new part worked on both the Hetzner network and the Linode network as it turned out. Three hosts were used to change the path of Port 5222 traffic from two different service providers. This made it seem like the attack could have been planned by someone who was already on the network of the service provider.

    Certificate replacement stopped after going to court and talking to the provider's support services. Some people on the project team believe that service providers who work for the German police or intelligence services may have known about the attack and helped bring it about.

    If you use jabber.ru, you should change your passwords and look at your OMEMO and PGP keys to make sure they haven't been stolen.

    The messages you send and receive during that time should all be thought of as possibly being harmful. Someone could read and even change messages in real time because the server did not encrypt them. It is only safe to talk on OMEMO, OTR, or PGP if both people agree on the encryption keys.

     

    Author reign3d
    Bohemia Market on the Dark Web Shut Down – What Actually Happened
    Best .onion Websites to Explore on the Dark Web in 2023

    Comments 0

    Add comment