The wiretap is believed to have lasted up to 6 months, allowing the attacker to execute actions on compromised accounts without the need for passwords, potentially altering messages and accessing unencrypted data.

Alleged Covert Wiretap on Russian Messaging Service Blown by Expired TLS Certificate

Security researchers have discovered a possible government attempt to wiretap a German instant messaging service, which was blown due to an expired TLS certificate. The wiretap is believed to have lasted for up to 6 months, compromising all communications during that time. The researchers suspect that the servers were reconfigured by the hosting providers in Germany to facilitate the wiretapping as a result of a government request. It is unclear whether this was a lawful government intercept or a criminal act. The incident highlights the potential for abuse in laws that allow intelligence services to intercept telecommunications messages in bulk.

Back to Home


  • No comments yet.