[iavael]

I thought that hacked machines usually used not as proxies for traffic from origin attack hosts but rather than large fleet of cheap throwaway attacking traffic origins themselves. There's a used to be fashionable definition "fog computing" for using computer resources like that. Except it criminals used this approach before definition emerged.

And as an attacker you couldn't care less about latency when you schedule a job of scanning bunch of ip addresses for vulnerabilities to one of thousands throwaway hacked home pcs in your fleet.

[Retric]

High latency still makes those machines less efficient to both compromise and them use to scan a bunch of ip addresses. ie US hackers hacking Chinese machines to then hack US machines is really inefficient.

Latency doesn’t prevent such things from working, but your better off hacking local resources and then using those resources to scan locally. So all things being equal either there’s a huge surplus of especially vulnerable Chinese machines or a surplus of Asian hackers.

To be clear there could just be a huge surplus of easily hacked Chinese machines, but that itself would be noteworthy.