Neldoreth relay seized ? - tor-relays

29 May 2017


      Dear Neldoreth relay’s operator,
This day, we were informed of a Tor node seizure at FirstHeberg during the 
13-14/05, related to Wanacry infection of the french company Renault.
    https://www.nextinpact.com/news/104398-wannacrypt-nud-tor-saisi-chez-firsthe...
FirstHeberg say the seized node was "traffic analyzed" during some times before 
being shuting down for content cloning and drive given to cops.
They are at least 5 others relays seized under the same case at OVH and Online 
providers.
    https://www.nextinpact.com/news/104302-wannacrypt-nuds-tor-saisis-par-autori...
    https://gist.github.com/nusenu/3d7bbeb7c97af591d65003b4bfe70021/
After consensus investigation, it seems your Neldoreth node is the only hosted 
at FirstHeberg with a downtime during this timeframe (from 14/05 18:00 to 
17/05 14:00). This node is currently running, but lost its guard flag since 
restart.
Could you confirm if your node was seized or not ?
If seizure confirmed or suspected, your private key is probably no more safe, 
so please report your fingerprint to bad-relays@lists.torproject.org for 
blacklisting to avoid reusage, and renew your private key.
Regards
-- 
Aeris
https://imirhil.fr/

Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://caf%C3%A9-vie-priv%C3%A9e.fr/