abuse department:
Could you please list me the massiv malicious actor networks that the Tor Project found out by itself in the last years?
I am not sure what your criteria for "massive" are but I can try to provide an answer as good as I can.
First, I don't have hard data for the "last years", partly because we did not spend time to collect that data and partly because we did not look closely enough ourselves. Both changed at the begin of this year as it turned out that relying to a large extent on external contributions in this area of our work is not a smart idea for a number of reasons.
Now, while I won't link to any "massiv malicious actor networks" I can link to all the fingerprints we rejected because we found the related relays doing attacks on the network:
https://gitlab.torproject.org/tpo/network-health/team/-/wikis/Rejected-finge...
As I said in another thread on this list[1] those fingerprints are collected on a monthly basis. While, in general, there is no guarantee that all of those fingerprints are found by Tor Project folks/employees (I don't think at this point it is worth spending time trying to differentiate between Tor Project-found/external contributors-found malicious actors) I took the time to look up the history of all of them as far as we have it.
Apart from 1 fingerprint mentioned in that wiki all of them got reported by our scanners or as a result of our own investigation. That's 680/681 and is not including the massive sybil attack in May, nusenu reported as well.[2] Maybe that's one of those massive malicious actor networks you have in mind? If so, yes, we caught it by ourselves.
I don't know what goal you had in mind with your question, but I hope the above helps a bit at least.
Georg
[1] https://lists.torproject.org/pipermail/tor-relays/2021-May/019647.html [2] https://lists.torproject.org/pipermail/tor-relays/2021-May/019644.html
On 1. Dec 2021, at 14:32, Georg Koppen gk@torproject.org wrote:
We have not finished our analysis for the relay group nusenu is talking about in the blog post, so not sure yet about the findings mentioned there. However, it's nice to see external parties being as vigilant as we in trying to make sure our users have a safe Tor experience. More of that please. :)
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays