Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Communications Encryption Networking Security The Internet Your Rights Online

Lizard Squad Targets Tor 83

mrspoonsi tips news that Lizard Squad, the hacker group who knocked Xbox Live and the PlayStation Network offline on Christmas morning, has now turned its attention to Tor. After tweeting that they were targeting a Tor-related zero-day flaw, the group is now in control of 3,000 exit nodes — almost half of them. "If one group is controlling the majority of the nodes, it could be able to eavesdrop on a substantial number of vulnerable users. Which means Lizard Squad could gain the power to track Tor users if it infiltrates enough of the network."
This discussion has been archived. No new comments can be posted.

Lizard Squad Targets Tor

Comments Filter:
  • Zero-Day Flaw? (Score:3, Informative)

    by Anonymous Coward on Friday December 26, 2014 @05:41PM (#48677567)

    They set up their botnet as tor nodes. How exactly is that a zero-day flaw?

    • by Anonymous Coward
      I don't understand the target, I used to use TOR for torrents, mostly just to anonymize my traffic for my ISP (I know, I'm a dick). Most exit nodes were European, so the NSA was already archiving everything I was doing anyway.
      Are these guys gathering information for the government now or something?
      • Re:Zero-Day Flaw? (Score:4, Insightful)

        by Zanadou ( 1043400 ) on Saturday December 27, 2014 @01:51AM (#48678891)

        (I know, I'm a dick).

        Yes, yes you are.

        This is why we can't have nice things.

        • This is why we can't have nice things.

          Of course we can. Reality - including human nature - simply sets the design parameters for those nice things. For example, would it be possible to fit major torrent clients with built-in (non-exit) Tor nodes? That way, torrent traffick would not swamp exit nodes and would actually help hide the kind of traffick Tor was originally designed for.

      • by Kythe ( 4779 )
        They want attention. That's it.
      • by sudon't ( 580652 )

        They're not gathering information. Perhaps the targets will make more sense once you understand that the perpetrators are tweeny- and teeny-boppers. Squeakers, and griefers, desperate for attention and approval from their peers. Their message is: "See what we can do? LOL! Please think we are cool."

        As for you, please get a VPN.

    • by MrL0G1C ( 867445 )

      NSA is pissed because their tor nodes only make up half of the remaining nodes and this makes it difficult for them to eaves drop. ;-)

  • by muphin ( 842524 ) on Friday December 26, 2014 @05:42PM (#48677575) Homepage
    As reported by /. http://tech.slashdot.org/story... [slashdot.org]
    so i believe they are working on a fix.
    • It must have been happening already for that 'prediction' to be so accurate.

    • Almost certainly the US Three Letter Agencies as well as foreign intel have known about this flaw - and how to leverage it - for a long time. Clearly, tor is not secure and hasn't been for awhile.

      • by Anonymous Coward

        > Clearly, tor is not secure and hasn't been for awhile.

        If by "clearly" you mean "innuendo, rumors, and undocumented third-party hearsay" you would be correct.

      • by aliquis ( 678370 )

        It was made for them.
        Also they found out who was running that drug store.

    • by OverlordQ ( 264228 ) on Friday December 26, 2014 @06:02PM (#48677669) Journal

      Not the same issue at all. All this is is IdiotSquad starting up a bunch of Google Compute VMs as tor exit nodes.

  • Oops (Score:2, Interesting)

    by Anonymous Coward

    They have just kicked the hornets nest..... people who have the ability to track them down and take their revenge

    • no kidding
      there ARE groups you just DO NOT PISS OFF

      the non govt. professionals like the ones behind offensive security and like
      are not to be messed with lightly

      • Re:Oops (Score:4, Insightful)

        by Earthquake Retrofit ( 1372207 ) on Friday December 26, 2014 @08:15PM (#48678187) Journal

        no kidding there ARE groups you just DO NOT PISS OFF

        the non govt. professionals like the ones behind offensive security and like are not to be messed with lightly

        I'm more concerned about dissidents in dangerous places and the reporters who cover such places. They deserve to have secure channels. I hope the community can come up with something.

  • Sybil attack? (Score:4, Informative)

    by jhantin ( 252660 ) on Friday December 26, 2014 @05:49PM (#48677611)
    I haven't seen any explanation of how this is a zero-day exactly; so far, this looks more like a Sybil attack [wikipedia.org].
  • by El_Muerte_TDS ( 592157 ) on Friday December 26, 2014 @05:54PM (#48677631) Homepage

    Either way, @LizardMafia's Tor relay attack isn't new. There's a paper on how Tor loses anonymity if over 50% of relays are compromised.

    https://twitter.com/kaepora/st... [twitter.com]

    I was going to go with botnet, but many LizardNSA relay IPs appear to route back to Google Cloud. Thousands of tiny VMs at low bandwidth?

    https://twitter.com/kaepora/st... [twitter.com]

    You can see this whole list of tor nodes here: https://torstatus.blutmagie.de... [blutmagie.de]
    All Lizard nodes resolve to *.bc.googleusercontent.com

  • If one group is controlling the majority of the nodes, it could be able to eavesdrop on a substantial number of vulnerable users.

    I'm willing to bet the NSA has prior art on this.

  • by carlhaagen ( 1021273 ) on Friday December 26, 2014 @06:02PM (#48677673)
    They haven't taken over 3000 Tor relays - they have set up 3000 new relays of their own, thus having control of over 50% of the available relays.
    • by Anonymous Coward

      You do realize what site you're on right? I'm pretty sure the only reason the logo bore the "news for nerds slogan" was that "wrong and sensationalistic" would be too honest and too hard for the editors to spell properly.

    • by Anonymous Coward

      You're correct, they seem to be bringing up new tor nodes in an attempt to intercept traffic, but they are hardly routing anything at all.

    • They haven't taken over 3000 Tor relays - they have set up 3000 new relays of their own, thus having control of over 50% of the available relays.

      If you capture over half of the traffic that moves over Tor haven't you for all practical purposes taken control of the network?

      • by Rakhar ( 2731433 )

        They have half of the nodes, but 1-2% of the traffic. They set up a bunch of new nodes, not took over existing nodes. As a result, they have a bunch of nodes that not many people are using. As the issue gets more attention, more of their new nodes are cut out of the loop.

  • Flag them all as bad (Score:3, Interesting)

    by Anonymous Coward on Friday December 26, 2014 @06:56PM (#48677891)

    ... and be done with it. Isn't this what the BadExit [torproject.org] flag is for?

  • I'm tired of hearing about these "anonymous" "hacking" "groups" and their supposed "achievements". I don't care if you get arrested. Prove to me that you're legit.
  • by greg1104 ( 461138 ) <gsmith@gregsmith.com> on Friday December 26, 2014 @07:41PM (#48678063) Homepage

    Each time this group makes the news, the sales of lizard stock art skyrockets. I'm starting to think the whole thing is a PR stunt funded by Getty Images.

  • by Anonymous Coward on Friday December 26, 2014 @08:49PM (#48678247)

    "Lizard Squad" has been DOS'ing game servers, twitch.tv, and more for months. Surely the NSA has tracked these idiots down, and the FBI has had more than enough time to parallel construct a plausible investigation that didn't involve getting tipped off by NSA. Right? So why are these morons still sitting around in their parents' houses interfering with millions of regular people who are just trying to play games or browse the web? Big companies are being targeted, lots of money is being lost through the game server outages, why haven't these morons been put under the jail by now? They threw the entire weight of the federal government at Aaron Swartz for downloading a bunch of PDF files and yet the Loser Squad has been DOS'ing many companies for months with impunity? Makes me wonder if NSA et. al. aren't the ones behind the attacks.

    • They should not bother being behind the attacks. They can just wait a lil longer until auntie and nephew both agree when a politician comes up on TV shouting: Damn hackers! we need internet regulation!

      The (cyber) antagonists, are likely useful idiots when two things occur:
      1- their target is made of mostly normal people, and does not involve structural damage or structural revolution of the status quo.
      2- their act gets lots of attention in the media.

      One would be really antagonist if you made useful FOSS, new

  • You have to be able to control which exit nodes you use.

  • the outward node has a public key, the receiving node has the private key, nothing in between gets anything useful.

    I mean, why overcomplicate shit?

    Hell, for that matter - airgap it.

    • by Dwedit ( 232252 )

      You know the senders and receivers. That's what Tor tries to stop.

      • by ihtoit ( 3393327 )

        I don't get it. I mean, what would be the point of an anonymous broadcaster if you don't know where to go to authenticate the information? Yes, that'd be a valid use-case IMO, but it falls on its arse when it comes to actually validating stuff.

        I have information that *needs* to be out there, but I'm not going to broadcast it and not stand by it, that nullifies its value completely. I will stand by what I say, I will claim right when I piss people off because I will offer what they will not: evidence.

        When I'

  • fruit loops (Score:5, Insightful)

    by sgt scrub ( 869860 ) <saintium@nOSPaM.yahoo.com> on Friday December 26, 2014 @10:42PM (#48678539)

    Are they the lizardsquad or the lowest hanging fruit squad? If they had skills they'd do something that isn't totally gay.

  • Stupid and sad ... (Score:5, Insightful)

    by janoc ( 699997 ) on Saturday December 27, 2014 @04:34AM (#48679099)

    Bunch of bored kids over Christmas break that got fed up with CounterStrike and Call of Duty, so they are wreaking havoc for fun and getting way too much news time for it. I have almost gagged when I have seen a reporter saying on TV with a straight face that "it is not confirmed whether the attackers are linked to North Korea" and that "The attack is not thought to be a terrorist attack". *double facepalm*

    I am not sure what is more sad, whether these jerks getting off on griefing others or the mom of one kid who couldn't play XBox over Christmas because of the DDOS and she lamented on camera - "What is he going to do now? He has nothing else to do!" I don't know - like going outside for a while?

    Our society is really going downhill :(

If you steal from one author it's plagiarism; if you steal from many it's research. -- Wilson Mizner

Working...