[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Kitten1 and kitten2 compromised (guard/hs/fallback directory)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Kitten1 and kitten2 compromised (guard/hs/fallback directory)
From: Sec INT <sec.int9@xxxxxxxxx>
Date: Sat, 20 May 2017 20:45:12 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 20 May 2017 15:45:30 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to; bh=iRwTQqJ5aB5eCaRK/IFgYRYj9tYuX07WJs/niCvhDSo=; b=PCepKrzGXRk2sZjPjauBXos7n/lXs9RzXe0jTq+BvVDZYaZmBmQJTsbVTNvHrzp9hy qPFe2ZazSW4n5AMmP9Z0gX24GWIn/tDN4kVOMGxHyspmoWkx8HbMQ89INoNKR7ggsvnh pUsJpkLYDlub1WjSkcYpBybuQah8BHGJdSynPhspZ6fn0XAOc20AWai46w7I/0NWBA/n moxI0RWgIxRAuceQhrsvhIyDm3aqVrF1wV7jyerOtlF7elOyZXuvo1/Y14+VQjyFCwfE oWXd6MxQkkfkzyqtg7634LFpv+xo+TYgmQsqSku+kuqfXc9vlAloRFEjr35HILssvVKf BQbg==
In-reply-to: <2036285.4Cb9jVE1rS@lappy>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <3967864.iNu47IuUtC@home> <df09f9fb-a76c-d61a-4e14-7d05f22fea28@torproject.org> <2036285.4Cb9jVE1rS@lappy>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi

What was OVH reaction to this? Has your account been banned from using their services etc?

Utterly pathetic move by the French company - its their own fault


On 20 May 2017, at 16:20, aeris <aeris+tor@xxxxxxxxxx> wrote:

>> Could you please share some more information about the incident?
> 
> From what I know and what I can speak about :
> 
> A big and sensible French company was infected with Wannacry this 12/05.
> After infection Wannacry starts a Tor client to join it C&C behind a .onion 
> address. And so connect to guard nodes (possibly bridges, directory 
> authorities and fallback directories can be affected too, or any Tor nodes 
> which can be joined directly by standard Tor client).
> Sys admin of the infected company just flag all unknown *OUTGOING* traffic as 
> evil and report corresponding IP to cops. Which seized servers of big french 
> providers (OVH & Online at this time) on this list the 13 and 14/05.
> 
> Regards,
> -- 
> Aeris
> Individual crypto-terrorist group self-radicalized on the digital Internet
> https://imirhil.fr/
> 
> Protect your privacy, encrypt your communications
> GPG : EFB74277 ECE4E222
> OTR : 5769616D 2D3DAC72
> https://café-vie-privée.fr/
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Kitten1 and kitten2 compromised (guard/hs/fallback directory)
  - From: aeris
- Re: [tor-relays] Kitten1 and kitten2 compromised (guard/hs/fallback directory)
  - From: Vasilis
- Re: [tor-relays] Kitten1 and kitten2 compromised (guard/hs/fallback directory)
  - From: aeris

Prev by Author: [tor-relays] Fast relay dropped from use by Tor
Next by Author: Re: [tor-relays] Relay has Low Consensus and No Exit Flag Following Upgrade
Previous by thread: Re: [tor-relays] Doing the english [Was: Kitten1 and kitten2 compromised (guard/hs/fallback directory)]
Next by thread: [tor-relays] (FWD) [tor-announce] Tor 0.3.0.7 is released, with a medium security fix for relays
Index(es):
- Author
- Thread