lizardsquad
Latest
Lizard Squad's founding member pleads guilty to cyber-crimes
A 20-year-old has pleaded guilty in a Chicago federal court to launching cyberattacks and harassment campaigns as a founding member of the hacker-for-hire groups Lizard Squad and PoodleCorp, according to the Chicago Tribune. Between them, the two outfits knocked both the PlayStation Network and Xbox Live offline in 2014, took down the UK's National Crime Agency website the following year, and breached thousands of CCTV cameras for DOS attacks against companies.
Lizard Squad hacked thousands of cameras to attack websites
The hacking collective Lizard Squad isn't relying solely on masses of compromised PCs to cause some grief online. Security researchers at Arbor Networks have discovered that the outfit compromised several thousand closed-circuit cameras and webcams to create a botnet that it promptly used for denial of service attacks against bank, gaming sites, governments and internet providers. Each device might not be as individually powerful as a PC, but they add up -- some attacks flooded sites with as much as 400Gbps of data.
Lizard Squad takes revenge on UK police with DDoS attack
Lizard Squad has claimed responsibility for a temporary takedown of the UK's National Crime Agency (NCA) website, almost certainly in response to a series of arrests targeting customers of the hacker collective's DDoS-for-hire service. Last week, the agency announced that UK police had apprehended six British teenagers for using Lizard Stresser, a tool developed by Lizard Squad which allows anyone to cripple websites with Distributed Denial of Service (DDoS) attacks. All of the suspects were released on bail and the NCA said it would be visiting 50 addresses to issue warnings to registered users.
UK police arrest teens for using Lizard Squad's paid DDoS service
Six British teenagers have been arrested for using Lizard Stresser, a Distributed Denial of Service (DDoS) tool developed by the troublesome hacker collective Lizard Squad. According to the National Crime Agency (NCA), these individuals, who have now been released on bail, targeted a national newspaper, a school, gaming companies and various online retailers. They paid in "alternative" currencies such as Bitcoin in order to stay anonymous, however those measures have proven futile. Lizard Squad rose to prominence last year when it took down the PlayStation Network and Xbox Live. The group quickly claimed responsibility and, as if it were marketing stunt, launched Lizard Stresser -- a takedown-for-hire service that allowed anyone to cripple unsuspecting sites.
Attacker who ruined your holiday gaming gets a slap on the wrist
If you were hoping that all of the Lizard Squad attackers who took down the PlayStation Network and Xbox Live last holiday would get their comeuppance... well, you'll be disappointed. A Finnish court has convicted Julius Kivimäki (aka "Ryan" and "Zeekill") of a whopping 50,700 charges related to various computer crimes, including data breaches, telecommunication-based harassment and swiping credit card data. It sounds good, but his penalty is limited to a suspended 2-year prison sentence and an order to help fight cybercrime -- a trivial penalty in light of his overall damage. Even if you limit Kivimäki's culpability to the gaming network outage, he was still partly responsible for days of downtime at Microsoft and Sony that frustrated millions of players. While he'll theoretically stay on the straight and narrow for at least a while, the verdict isn't exactly going to scare Lizard Squad's other members into becoming model citizens. [Image credit: Jean-Jacques Boujot, Flickr]
Lenovo's website hijacked, apparently by Lizard Squad (update)
Lenovo's no good, very bad week of security may be getting worse -- Lenovo.com appears to have been hacked, likely in response to the Superfish scandal. This afternoon some visitors trying to access the site instead get a slideshow of webcam pics of kids sitting at their computer, along with a link to a Twitter account claiming to represent the hacker group Lizard Squad -- all set to the sounds of "Breaking Free" from High School Musical. The HTML code says this "new and improved rebranded" site is featuring Ryan King and Rory Andrew Godfrey -- two people that some internet posters have identified as members of Lizard Squad. Update: It gets worse -- Lizard Squad's DNS hijack meant it was able to intercept Lenovo email as well, until Cloudflare shut it off. Ars Technica spoke to the company, which said it seized the account used and was able to update the MX records used for email to cut off the email interception. One message apparently caught claimed that Lenovo's Superfish removal tool had bricked a customer's Yoga laptop. That may not be the end though, as the group claims it will be combing through the "dump" of captured data soon. Update 2: Security researcher Brian Krebs reveals that the two people named have actually been working to expose Lizard Squad, and that a hack at a Malaysian domain registrar was the source of the redirect. [Thanks, Mark]
Lizard Squad's paid cyberattack service faces a hack of its own
Lizard Squad is apparently getting a taste of its own medicine. Security guru Brian Krebs has learned that someone hacked Lizard Stresser, the cyberattack-for-hire service that Lizard Squad launched following its takedowns of the PlayStation Network and Xbox Live. The breach exposed the project's customer database, which was ironically stored in plain text -- unless clients change their passwords, they're about as vulnerable as the sites they paid to take down. This attack doesn't make things right (it's just as illegal, after all), but something tells us that law enforcement isn't in a rush to catch the perpetrators. If anything, it's more interested in the less-than-innocent victims. [Image credit: Jean-Jacques Boujot, Flickr]
Do these Sony offerings make up for the PlayStation Network outage?
Sony's PlayStation Network was hit by a devastating denial-of-service attack over Christmas. Now that the gaming service is back online, should the company be offering players some sort of peace offering? If so, what's a reasonable gift in this scenario? It's quite a conundrum, because the festive downtime wasn't predominantly Sony's fault. A hacking group called Lizard Squad orchestrated the attack (they also targeted Xbox Live) causing all online functionality to collapse. It meant new console owners on Christmas Day were unable to redeem game download codes or create new PSN accounts, while existing PlayStation owners were locked out of the online multiplayer modes for their favorite games.
Police reportedly arrest UK hacker behind gaming network attacks
Lizard Squad probably shouldn't have bragged about being impossible to track following its cyberattacks against the PlayStation Network and Xbox Live. According to both The Daily Dot and a Thames Valley Police report, law enforcement arrested alleged group member Vinnie Omari on December 29th -- not for the gaming network attacks themselves, but for stealing from PayPal accounts. Omari says that the cops haven't pressed formal charges (they released him on bail), but they also confiscated all his computing devices and storage to gather evidence.
PlayStation Network is back online following Christmas Day attack
Three days after Lizard Squad's latest denial of service attack knocked the PlayStation Network offline (and Xbox Live, we'd add), the internet gaming service is gradually getting back on its feet. Sony now says that PSN should be up and running for all of its consoles. While the company warns that there might be some "intermittency" as it gets back into the swing of things, you theoretically won't face major interruptions during that big Destiny raid. It's not clear if Sony's infrastructure will be any better at weathering future digital assaults on this scale; given that the attack was supposedly three times larger than the previous record-setter, this probably isn't a permanent fix. However, it's good to know that you can squeak in at least some online gaming on that shiny new PS4 before the holidays are over.
These are the hackers who wrecked your holiday gaming
If you're a console gamer, you're probably all too aware of Lizard Squad, the hacker outlet that allegedly knocked both the PlayStation Network and Xbox Live offline for a good chunk of the Christmas break. But just why and how is this group causing so much grief? Thanks to the Daily Dot, we now have a better (if imperfect) idea of what's going on. It might not shock you to hear that the team is doing this both for laughs, à la LulzSec, and to expose the "incompetence" of the security teams at Microsoft and Sony. However, they also claim to have access to undersea internet cables and other "core routing equipment" that lets them flood networks with massive amounts of data. They supposedly bombarded PSN and XBL at a rate of 1.2 terabits per second, or three times the rate of the previous largest attack on record.
PlayStation Network goes down following cyberattacks (update 2: Xbox as well)
Sony may be experiencing a few unpleasant flashbacks this weekend. Both the PlayStation Network and Sony Online Entertainment (SOE) are slowly recovering from a denial of service attack that flooded their server connections, kicking many gamers offline. The group claiming responsibility, Lizard Squad, reportedly started out bombarding servers run by Blizzard (World of Warcraft), Grinding Gear Games (Path of Exile) and Riot Games (League of Legends) before swinging its attention Sony's way.
