Bruteforce attacks generate a lot of traffic, so Webiron gets an excuse to blame the Tor network as a major source of abuse versus "regular" traffic.

"Tor: Please note as the abuse from Tor has gotten out of hand, we do not give free passes to abuse coming from Tor exits. See the leader board linked below for more details on the issue."

We received this too. Quite oddly though, after sending them 6 or 7 email acknowledgements that our Tor exit IP-address is a Tor exit (duh), they have stopped sending us abuse complaints. Maybe we got a free pass after all, although I didn't request one.

And yeah, Webiron's not to be taken very seriously.[1] I've lost their credibility a long time ago when they exclaimed that Tor exit operators would be held legally liable for the routed traffic - of course not. It's called fear mongering.

-Wub

[1]: https://lists.torproject.org/pipermail/tor-relays/2015-December/008259.html