[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Kitten1 and kitten2 compromised (guard/hs/fallback directory)



Hi

What was OVH reaction to this? Has your account been banned from using their services etc?

Utterly pathetic move by the French company - its their own fault


On 20 May 2017, at 16:20, aeris <aeris+tor@xxxxxxxxxx> wrote:

>> Could you please share some more information about the incident?
> 
> From what I know and what I can speak about :
> 
> A big and sensible French company was infected with Wannacry this 12/05.
> After infection Wannacry starts a Tor client to join it C&C behind a .onion 
> address. And so connect to guard nodes (possibly bridges, directory 
> authorities and fallback directories can be affected too, or any Tor nodes 
> which can be joined directly by standard Tor client).
> Sys admin of the infected company just flag all unknown *OUTGOING* traffic as 
> evil and report corresponding IP to cops. Which seized servers of big french 
> providers (OVH & Online at this time) on this list the 13 and 14/05.
> 
> Regards,
> -- 
> Aeris
> Individual crypto-terrorist group self-radicalized on the digital Internet
> https://imirhil.fr/
> 
> Protect your privacy, encrypt your communications
> GPG : EFB74277 ECE4E222
> OTR : 5769616D 2D3DAC72
> https://café-vie-privée.fr/
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays