A number of people in /r/bitcoin have found that their blockchain.info accounts have been hacked into and funds withdrawn, even though they had 20+ character random passwords.
The way this is happening is rogue Tor exit nodes are running an SSL stripping attack against users of blockchain.info.
The way it works is it would proxy your request to blockchain but redirect it to a non-HTTPS version of the site, hoping the user doesn't notice as it intercepts all requests.
It is critical that when you visit blockchain you do so over HTTPS (rather than let the site redirect you) and then check the certificate.
Don't rely on the browser to tell you it is secure, double click on the certificate and check it. Some attacks will attempt to mimic the encryption icon in the browser by using favicons.
A better further step: manually verify the fingerprint of the certificate. It would be excellent if Tor and DNM users knew how to do this and started getting into the habit of doing it all the time.
All you do is double-click on the encryption icon for the site in a browser. Click on 'connection information', 'certificate information' or whatever it is in your browser to get more details, then expand it until it dumps all the info for that cert.
You're looking for the signature, note this down from a trusted machine. It is usually 255 bytes long. Print it out on a spreadsheet for every important site you visit.
You don't need to check every number or character in the fingerprint, just scan the first few blocks (Tor onion addresses are secured with only the first 80!).
A tech note: md5 signatures are old and broken so you don't want those, and sha1 now is also being phased out. You want the sha256 signature. If it doesn't specify what type of hash it is, chances are it is sha256. md5 and sha1 are usually also included at the very end of a certificate for backwards compatability purposes, but they'll be gone soon.
Here is the blockchain.info signature I just got (but again, don't trust me!)
0E E3 CC 5F E1 73 C3 2F F5 2D 08 EC EA 1A 86 79 7D 07 7E C9 FC C3 46 9A C6 54 CC 6C FB 97 1F AE
7C 02 3F 7C 54 22 03 D6 4E 27 90 C1 30 5D 3C 5E 0E 03 C1 AF 66 AF BE 72 56 EE 63 56 D3 76 B1 2E
FF 3E 86 43 B3 3A 65 A2 4F D2 DB 76 A3 82 E2 A9 28 F2 68 0E 83 26 01 85 7B 9A F0 64 D0 3D F5 EF
D5 DE 8A 71 4D 3A C6 15 DA D0 27 92 A3 37 BB D2 BF 5E 57 60 09 0F E5 B1 10 89 48 0A 77 BC DB
95 4C 06 46
Edit: The reason blockchain is down is because they are being proactive about not allowing Tor users to log into the site incase of an MITM exit-node based attack. It sucks and they shouldn't have to do it, but it is just the way it is now. If you all take steps to keep yourselves secure it wouldn't be necessary to disable access to everyone to protect a few.
Note: I know the accepted wisdom here is that HTTPS is not required (edit for hidden sites) because Tor encrypts information, but that is the difference between confidentiality and integrity. Tor provides confidentiality, while TLS/HTTPS provides integrity (data hasn't been altered) while certificate signatures provide authentication (you know it is the real site). This is why Darknetmarkets should have, from the very beginning, have supported HTTPS and got users into a habit of checking certificate fingerprints. This protocol is designed for this task, PGP signed messages are not.
Also....don't use Agora.