Dear abuse handlers at universities,
the following two servers run a tor exit relay (exit policy: accept *:*).
Due to ~80 other servers [1] around the world joining the tor network with the same bitcoin donation address in the contact field my wild guess is that it was not the owner making this server a tor exit relay.
If you can confirm that these servers were indeed compromised - this would be valuable information for us.
AS name: University of California at Berkeley IP address: 169.229.227.122 started to run as a tor relay at: 2016-03-07 17:37:24
AS name: University of Vienna, Austria IP: 77.80.14.190 started to run as a tor relay at: 2016-03-07 17:32:29
(I'm not associated with the torproject)
[1] https://gist.githubusercontent.com/nusenu/fb19034a7860dba6c203/raw/5531768e7...
https://lists.torproject.org/pipermail/tor-relays/2016-March/008857.html