Data from google trends.

As pointed out here it could be VPN locations. But on an other side we also can see tax heavens who’s may struggling over coming regulations.

What if we target this userbase ?

  • Blake
    link
    fedilink
    English
    arrow-up
    7
    ·
    8 months ago

    those are all tax havens, coincidence?

    also could be vpn locations

    • NononynousOP
      link
      fedilink
      arrow-up
      4
      ·
      8 months ago

      Yeah heavy tax heavens, it could be VPN locations. But honestly, I never seen a Virgin Island VPN tho or that could be very costly in hosting bills 🤔

      • stevedidwhat_infosec@infosec.pub
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        This might be non trivial to figure out. You’d need to compile a list of VPN IP ranges or ASNs and then look at average traffic rates for those locations to then account for the baseline.

        This is gonna get hairy pretty quickly jsyk - even whois records are questionable in validity sometimes so you might be poisoning your own data

        • NononynousOP
          link
          fedilink
          arrow-up
          2
          ·
          8 months ago

          Heh google trends won’t allow you to get this valuable data :)

    • tusker
      link
      fedilink
      arrow-up
      1
      ·
      8 months ago

      They have realized that Monero it the ultimate tax haven.

  • stevedidwhat_infosec@infosec.pub
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    8 months ago

    Last I knew monero and other ecurrencies are used heavily by cyber threat groups (APTs). Sometimes you can trace out their whole operations network from the data.

    Look around for more info - I’d recommend looking up info on crypto osint

    • NononynousOP
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      8 months ago

      Most of APTs are not really skilled about opsec usage. Last biggest actor were Lazarus and they did the mistake to not use bisq. LockBit for example is still using Bitcoin

      • stevedidwhat_infosec@infosec.pub
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        8 months ago

        Idk anything about their specific infra or procedures/practices tbh. I just know that threat researchers love lookin through crypto public record/graphs and correlating them fuckers