Comment by comex
4 days ago
You don’t even need to gain control over a large number of devices in the region.
You just need _one_ device in the region, which can connect to the VPN or proxy service you were already using (the assumption seems to be that the attacker has a large number of IPs they can access through such a service). That device will get some added latency from going through the VPN/proxy, but because it’s physically close, the added latency will be small, probably not enough to reliably detect.
If you're using a proxy, I don't think whether or not the source device is in the region changes anything. The only variance is in the time from where traffic exits the proxy to servers.