Interesting IP spoofing attack targeted towards Tor relay operators. This attack is not specific to Tor, but somebody (deep state?) wants hosting providers to ban Tor relays. Incentivizing more decentralized relay self hosting can help.
The attacker is spoofing the IPs of Tor Exit and Directory nodes, and blasting TCP SYN packets on 22/TCP- spurring a large amount of abuse complaints to hosting providers, which are then temp blocking/banning Tor infrastructure which isn't actually doing anything wrong.