[bee_rider]

I don’t understand this attack, are these reports anonymous or something?

In order to pull off this attack the attacker would have to have a collection of CSAM to upload. What if the site being attacked logged the uploader’s IP and went above-and-beyond complying with authorities and provided the source of the upload.

Well, I guess some people doing this sort of thing would try to hide their identity while doing the upload. Honestly, in that case… it might be reasonable for sites to not accept uploads via things like TOR, right? (Or however else these people hide their tracks).

[codedokode]

I assume people who do this also do other illegal things and know how to anonymize themselves.

[amiga386]

People who have money to rent DDoS services from criminals also have money to rent VPNs that use US residential IP addresses (usually from home computers infected with malware under the control of criminals)