There have been several reports of Bitcoin users that use online wallets and exchanges, even over https, getting MITM attacked when using Tor. They visit the wallet site, get bad certificates but continue anyway, and poof, their Bitcoins in the service are gone and their passwords are known by the attacker. With recent SSL vulnerabilities or clever redirection, the cert errors could be avoided also. For other sites, users can be piped through a "universal phisher" to steal any credentials.
Clearly Tor users are under attack by exit nodes, many of them running automated tools against many web destinations.