Questionable cloud / VPS / hosting companies are great for spammers and botnet C&C, but not so great for DDoS "ion cannons". You still need a large volume of geographically diverse endpoints for those to be effective.
On Mon, Dec 14, 2020 at 9:52 AM Peter E. Fry <p...@tailbone.net> wrote: > > Simple question: What's the purpose of obtaining illicit access to > random devices on the Internet these days, considering that a large > majority of attacks are now launched from cheap, readily available and > poorly managed/overseen "cloud" services? Finding anything worthwhile > to steal on random machines on the Internet seems unlikely, as does > obtaining access superior (in e.g. location, bandwidth, anonymity, > etc.) to the service from which the attack was launched. > > > I was thinking about this the other day as I was poking at my > firewall, and hopped onto the archives (here and elsewhere) to see if > I could find any discussion. I found a few mentions (e.g. "Microsoft > is hacking my Asterisk???"), but I didn't catch any mention of > purpose. Am I missing something obvious (either a purpose or a > discussion of such)? Have I lost my mind entirely? (Can't hurt to > check, as I'd likely be the last to know.) > > > Peter E. Fry > > >
