I'm not assuming that the upstream ISP would be the malefactor. That is, in fact, a rather odd assumption, is it not?Can you give me an example of what would be the scenario here? Assuming I am the upstream ISP of the "hosts I control, willing to subject them to vast quantities of traffic". Would I announce 1.2.3.0/24 upstream, and point it to my customer's link?
OTOH, if you are a malefactor that wants to turn your botnet into anycasted DNS servers to issue incorrect redirections to others, getting said botnet (or its upstream routers if you are able to control them somehow) to announce 1.2.3.0/24 really doesn't pose any problem to you as a result of the traffic it generates.
Not sure how that would work or help other than in an attempt to cover your tracks.Or would I announce 1.2.3.0/24 from another ISP's origin AS?
You are assuming that you are doing this with routers you own (in the commercial sense of the word). I am assuming someone doing this with routers that they control (in the enable access sense of the word) but do not own (in the commercial sense of the word).How would (evil me) be able to hurt hosts other than on _my_ network?Malefactors these days are rather well known for using other people's equipment to carry out their misdeeds, or are you unfamiliar with the term "botnet"?
I hope I have adequately clarified.I am not doubting that people would not want to misuse this, but how would this work in the case you have outlined?