[wincy]

I remember reading this article and being concerned that state actors had simply flooded the tor nodes to allow them to them to perform attacks to deanonymize a user. It’s possible that Arstechnica just has some agenda against Tor because it seemed like for awhile they were putting out articles like this every few months on the Tor network and people being arrested who used Tor.

https://arstechnica.com/information-technology/2013/08/tor-u...

[sporksmith]

This article is from 2013, and notes a huge increase in tor clients. While the article notes we weren't able to determine the cause of the sudden increase, the primary hypothesis put forward was that it was a true growth in usage due to new anti-piracy laws in Russia. It doesn't note any particular attacks this may signify, and I'm not aware of deanonymization attacks that involve adding a lot of clients to the network.

The larger concern for deanonymization is typically flooding the network with relays, since it increases the ability to do e.g. timing-based de-anonymization attacks. This is a bit of an arms race. As @ajvs points out though, the known cases of tor users being de-anonymized were not due to attacking Tor itself, but via other channels. I'm not aware of any known real-world cases of users being deanonymized by attacking or analyzing Tor itself, let alone users being "arrested regularly"