Thread to watch:

https://lists.torproject.org/pipermail/tor-dev/2017-April/01...

Targeted hidden services:

   222222avkcjpcbwi
   22222tolarsrblkw
   22u75kqyl666joi2
   bxgxtfeka5jlfoxi
   e65rngozye7xbzlo
   escrowxzvepij47i
   freebay3yuvebsog
   ghemfwgrouuy5rsl
   h7f3q4yiw6rfpzwz
   jumpwtfbk44aa37y
   kpvz7ki2v5agwt35
   luavqzwze3mduxyw
   lzxsffcd6pn4bg2w
   n3q7l52nfpm77vnf
   silkroadvb5piz3r
   tc43p6yceci5gh2y
   thehub7gqe43miyc
   tssa3saypkimmkcy
   tz4732fxpkehod36
   vljyah4v3i3xiebn
   wd43uqrbjwe6hpre
   xcvwjwwnzjh3og2s
   xnyvcjj6ybauprjx

Presence of the original Silk Road would indicate at least a pre-2014 start. Also a few other early darknet markets in there.

Where did you get this list? AFAICT the article (§5.4) mentions only 4 targeted services:

  22u75kqyl666joi2.onion
  n3q7l52nfpm77vnf.onion
  silkroadvb5piz3r.onion
  thehub7gqe43miyc.onion

I'm one of the authors. You are right, these are the only onion services that were most likely targeted. The others are part of our publicly available dataset, but most likely false positives.

There is a file called targeted-onion-services.tar.xz which is provided at the end of this page. The excel document inside, once removing duplicates, matches fluxist's comment.

This is good work. Just like a competent IT department should pen test their own network, Tor needs white-hat hackers working to shake out the vulnerabilities.

Great work and paper. The fact 53% of the Tor relays have either shared prime factors or non-standard RSA components is worrying. This kind of research is mandatory.

You are misunderstanding the summary. Researchers found ~3500 keys with shared factors in a historical dataset of ~4M keys. None of the relays with vulnerable keys they found are online today.

Thank you for the clarification. I've probably read it too fast.