Without thinking, I downloaded a paper backup copy of my blockchain.info wallet while using Tor in TAILS inside a virtualbox (behind a VPN in Linux). Can a malicious exit node read the .pdf file and steal my bitcoins?
There is .001 BTC in there btw, I've moved all my funds elsewhere. Just curious.
If the website you downloaded it from used unencrypted http, then yes.
If it was downloaded over an encrypted https link then probably not.