I'm also wondering about that. The only recent statement I know of is from Cloudflare, where they say that 94% of the Tor traffic they see is malicious.[1]
It's good to protect anonymous way to use the internet, but it shouldn't be ignored that Tor is probably primarily used for illegal purposes.
But, also, cloudflare has made the malicious / non-malicious ratio so much worse. A staggering amount of web content has become practically inaccessible on TOR because of them. This makes TOR very difficult to use for the average law-abiding person who just wants more privacy.
They have a shitty reputation because they funnel a higher-than-normal number of users through a single IP.
And apparently cloudflare is much more aggressive on this front than anybody else in this business, including google - when I get a captcha it's always cloudflare (or hacker news). On those sites I can practically rely on getting one.
To turn it around, every time I see a cloudflare captcha they obviously have failed.
[1] https://blog.cloudflare.com/the-trouble-with-tor/