It’s ironic but makes complete sense if we’re assuming they blocked the VPN server IP.
Say I’m a malicious user who’s using VPN server #22 from ProtonVPN (my personal favorite provider). The victim (CR in this case) isn’t going to see they’re being attacked by someone on VPN server #22 from ProtonVPN, they’re going to see the IP of that server and nothing else.
It really doesn’t matter if they did have that information because no human will be involved. The traffic will be marked as malicious and blocked by some software designed to monitor, identify, and block traffic that looks malicious. This is almost always done based on IP. It’s usually reversed in a few days though because IP addresses change frequently, so there’s no sense in continuing to block traffic from an IP you can’t guarantee belongs to the original attacker.
It’s ironic but makes complete sense if we’re assuming they blocked the VPN server IP.
Say I’m a malicious user who’s using VPN server #22 from ProtonVPN (my personal favorite provider). The victim (CR in this case) isn’t going to see they’re being attacked by someone on VPN server #22 from ProtonVPN, they’re going to see the IP of that server and nothing else.
It really doesn’t matter if they did have that information because no human will be involved. The traffic will be marked as malicious and blocked by some software designed to monitor, identify, and block traffic that looks malicious. This is almost always done based on IP. It’s usually reversed in a few days though because IP addresses change frequently, so there’s no sense in continuing to block traffic from an IP you can’t guarantee belongs to the original attacker.