A malicious Tor exit node in Russia is being used by unknown attackers to insert malicious code into files being downloaded by Tor users. Josh Pitts, a security researcher at Leviathan Security Group, discovered the malicious node. Tor administrators have since flagged the node as a BadExit, meaning that Tor clients now know to avoid using the server. 90% of sites from which downloads are available do not use SSL/TLS encryption nor use digital signatures to prevent such tampering. The issue is not an indictment of Tor security or of the strength of its anonymity protocols, Pitts said.”]