Many malicious activities require a large number of IP addresses for altering user identities. It is well known that a large number of IP addresses could be obtained through compromising numerous machines and building botnets. However, we recently found that a special type of off-the-shelf virtual private server (VPS), which we refer to as dynamic VPSs, can retrieve a huge number of IP addresses using just a single virtual machine. Although dynamic VPSs are intended for legitimate purposes, whether they are actually misused in malicious activities has never been investigated. In this article, we take the first step to study dynamic VPSs, with an emphasis on their security implications. We reveal that dynamic VPSs are surprisingly and extensively involved in malicious activities, explore their internal working mechanisms, and suggest that the linkage of dynamic VPSs to the security domain deserves adequate attention.

中文翻译：

---

一台拥有如此多IP的主机！动态虚拟专用服务器的安全隐患

许多恶意活动需要大量IP地址才能更改用户身份。众所周知，可以通过破坏大量机器和构建僵尸网络来获取大量IP地址。但是，我们最近发现，一种特殊类型的现成虚拟专用服务器（VPS）（我们称为动态VPS）可以仅使用一个虚拟机来检索大量IP地址。尽管动态VPS是出于合法目的而设计的，但从未对它们是否实际用于恶意活动进行过调查。在本文中，我们迈出了研究动态VPS的第一步，重点在于其安全隐患。我们发现动态VPS令人惊讶地广泛地参与了恶意活动，探索了其内部工作机制，