This story is over 5 years old.

Hack Exposes Reams of Private Jabber Chats

Hackers made off with chat logs from the instant messaging service’s paid VIP offering.
Illustation: Che Saitta-Zelterman

Often when a website or service is hacked, it's only usernames or passwords that are exposed. But in one case, hackers made off with months worth of private messages between users of an instant messaging service.

Jabber is a protocol for sending chat messages, otherwise known as XMPP. Hackers, technologists, and journalists often use Jabber to message one another, as the communications can also be easily encrypted with a client plug-in. Loads of different organizations run Jabber servers; one of those being Jabbim.


Unfortunately for users of Jabbim's paid VIP service, hackers stole an 8GB file containing around six months worth of chat messages from 2016. The majority of messages are in Slovak in Czech, and the records also include IP address logs.

"Last year I canceled this service at all and from September 2016 this service not exist [sic]," Jan Pinkas, the administrator of Jabbim told Motherboard in an online chat.

Read more: Another Day, Another Hack

Pinkas, who briefly looked at the file for Motherboard, said, "For now, it's look for me like dump from Jorge database [sic]. I used Jorge for Jabbim Archive service, it was server side message history system, available only for VIP users."

Paid data-breach notification site LeakBase provided Motherboard with the file, and the messages have already been swapped among data traders for some time. LeakBase, as well as the hacker known as w0rm, also sent Motherboard another file which it claimed was a list of Jabbim usernames and plain text passwords from 2016. According to Pinkas, however, those details originated from a previous Jabbim hack in 2014.

In response, Pinkas said he has increased user and password security on Jabbim, including hashing all passwords with bcrypt, an algorithm that makes passwords much harder for hackers to crack.

The lesson: Because logs of this type aren't exposed all that often, it might be easy to forget that chat services may be recording not just your logins but your messages too. If you're paranoid about a data breach leading to your chats being dumped online, you might want to use an end-to-end encrypted messenger instead. Jabber users can install the off-the-record plugin if they want to stick with something like Jabbim too.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.