On 02/09/2020 05:23 PM, grarpamp wrote:

<SNIP>

> Question how exactly the servers are being physically found in
> the *first place*. Look for cases where the servers were mysteriously
> just "found", with rest of timeline unfolding after that secret or
> questionable moment. Tor and other networks are sold as being
> able to protect from such network "finds".

I just saw a HN thread that proposes a ~simple answer.[0]

It could just be one of the standard malicious guard attacks. The risk
isn't huge for a single onion service. But if you have hundreds of onion
services on one server, each with its own guards, the odds of just one
onion service getting pwned by a malicious guard are correspondingly
greater. And one malicious guard is enough to pwn the server.

<SNIP>

0) https://news.ycombinator.com/item?id=22292161