Alleged Covert Wiretap on Russian Messaging Service Blown by Expired TLS Certificate
Security researchers have discovered a possible government attempt to wiretap a German instant messaging service, which was blown due to an expired TLS certificate. The wiretap is believed to have lasted for up to 6 months, compromising all communications during that time. The researchers suspect that the servers were reconfigured by the hosting providers in Germany to facilitate the wiretapping as a result of a government request. It is unclear whether this was a lawful government intercept or a criminal act. The incident highlights the potential for abuse in laws that allow intelligence services to intercept telecommunications messages in bulk.