Researchers devised two correlation attacks, dubbed DefecTor, to deanonymize Tor users using data from observation of DNS traffic from Tor exit relays. Google operates public DNS servers that observe almost 40% of all DNS requests exiting the Tor network, a privileged point of observation for attackers. Google is also able to monitor some network traffic that is entering Tor network via Google Fiber or via guard relays that are occasionally running in Googles cloud. The researchers also developed a tool, dubbed DNS Delegation Path Traceroute (dPR) that could be used to determine the DNS delegation path for a fully qualified domain name.”]
Source: http://securityaffairs.co/wordpress/51848/deep-web/defector-tor-deanonymizing.html

