Tor is one of the best and freely available privacy software that lets people communicate anonymously online through a series of nodes. An exit relay is the final relay that Tor traffic passes through before it reaches its destination. Researchers spent more than four months studying on the Tor exit nodes using their own scanning software called “exitmap” and detected suspicious behavior somewhere in Russian network. They identified 25 nodes that were tampering the web traffic and stripping out the encryption using’sslstrip’ attack. 19 nodes were caught using a bogus SSL certificate to perform man-in-the-middle attacks on users.
Source: https://thehackernews.com/2014/01/malicious-russian-tor-exit-relays.html