That happened in 2007 and everyone should be well aware by now that your connections are only encrypted inside the Tor network. Once they leave an exit node they are not encrypted unless you use SSL, so yeah a malicious exit node can sniff the traffic. Connections to hidden services are fully encrypted because they never leave the Tor network, they go from Tor client to Tor client.