Besides proxying to try to mask their activities, wouldn’t those playing host to bad actors have to have some insight or notice some abnormal activity that might give away that someone may be abusing their services?
Or is it that there’s a mix of a financial & legal advantage to remaining as ignorant to that activity as possible for as long as possible up till push comes to shove & they’re being served a warrant?
That depends on what you mean by “bad actors”. If you’re just talking about illegal content then it’s just that the law isn’t universal. They just find a host somewhere where whatever they want to host is legal.
Well, not just content, but also activity like making fake sites to steal credentials, send out phishing emails/texts, and that kind of thing. I guess that may fall under the same point though, of the law not being universal regarding these activities, e.g. talk of some governments ignoring bad actors so long as their activities only target other nations’ citizens.
deleted by creator
It’s pretty common for that sort of activity to use stuff like botnets or compromised servers. In other words, the actual owner isn’t aware of what their resources are being used for: they got hijacked. There’s lots of stuff on the internet with very lax security so unfortunately it’s not really hard to do.