[ErrantX]

End of last year we had someone attacking a clients network using commodity server instances.

If you can figure out a cut-out way to pay for the server time then there isn't much anyone can do to track it without getting on the ground and forcing local police forces into at least trying to make some headway.

So in effect it is kinda the same as it used to be (overseas, no questions providers) but instead of the servers being the overseas bit it is just the payment (and I guess they rely on the fact intrusion is hard to detect, unlike say spam, coupled with the sheer number of people buying instances daily now).

(our stuff led to Eastern Europe so it is unrelated - but the principle is similar).