Most likely. We see a large amount of abuse coming from the replit free tier. And that's pretty similar to what Heroku used to offer.

If you're going to provide people with free compute online, there are just a lot of ways to exploit that.

I was shocked that even with the free tier gone, there's still some level of abuse. Even the paywall doesn't totally cure the problem.

Passing malicious URL filters is crucial to operations like ransomware, phishing, etc - hiding a bad domain behind a good one is extremely valuable to hackers and relatively cheap. Though I am surprised they'd pay for it due to the payment -> identity link (maybe it's stolen CCs but Stripe is pretty good about blocking that).

> Though I am surprised they'd pay for it due to the payment -> identity...

Between gift cards, money mules, shell corporations, and "that country doesn't cooperate with investigations"...I'd guess that this is no more than a minor problem for serious criminals.