A lawful interception attempt has been discovered on the XMPP-based messaging service, jabber[.]ru. The six-month-long attack involved hijacking encrypted connections using new TLS certificates issued by Let’s Encrypt service. The attacker could execute actions from authorized accounts without knowing passwords, potentially compromising user communications. The attack, suspected to be based on a German police request, ceased after an investigation began. Users are advised to assume their past 90-day communications are compromised and to check for unauthorized keys and change passwords.