Lizard Squad: Xbox Live, PSN Attacks Were a 'Marketing Scheme' For DDoS Service

blottsie writes The devastating Christmas Day attacks against the gaming networks of Sony and Microsoft were a marketing scheme for a commercial cyberattack service, according to the hackers claiming responsibility for the attacks. Known as Lizard Squad, the hacker collective says it shut down the PlayStation Network (PSN) and Xbox Live network on Dec. 25 using a distributed denial-of-service (DDoS) attack, a common technique that overloads servers with data requests. The powerful attacks rendered the networks unusable for days, infuriating gamers around the world and causing yet-untold losses of revenue. Now, members of Lizard Squad say the group is selling the DDoS service they used against Sony and Microsoft to anyone willing to pay.
  • by alen ( 225700 ) on Tuesday December 30, 2014 @11:02AM (#48696313)

    not like you can play any game on the first day anyway

    everything is virtualized to the point where they support average players months after release and not the day of release and idiots not only pre-order the games, they change the store country to play it the second it goes live somewhere in the world.

  • a justice reward to these lil Asshats. I am quite pleased that Anonymous has already done their homework and spread all the information about these douchecanoes throughout the internet so their lives are wrecked for the foreseeable future. I'd hate to think that some mouthbreather CoD player got word that him and his mates are kicked off line by that kid down the street and enact vengeance for all of us.
    • by alen ( 225700 )

      MS and Sony should just code their services the right way and have 10000000000000 hyperbytes of bandwidth

      • It's not the service coding that is the issue - there's only so much network pipe to go round, and unless we build our entire networks to handle gigabits of traffic for every server that will almost never be used (at great expense) we'll have to find other ways to stop such attacks.

        Of course, egress filtering would be a good first step. If only every big ISP did this, we'd make most DDoS attacks useless instantly. Then we only have to deal with compromised computers sending data, but if they cannot fake their

        • by Bengie ( 1121981 )
          The way anti-DDOS services work is quite simple. Instead of having a single network connection, say a 100gb link in the USA, you instead have many many 100gb+ links at the many Internet Exchanges around the world. At each IX, you have a bunch of proxy/firewall servers that filter the data, then send the "clean" data back to your 100gb link back in the USA.

          You scrub the data first where bandwidth is crazy cheap. You can purchase 100gb/100gb for $6k/month at many IXs.

          The second part to this is you need to
          • but what data is "good" data?

            is an NTP request good or bad? You can't always tell the difference as they're all good, only not if you're getting 10,000 of them per second.

            I'm sure every little website can afford to have a filtering proxy at all the exchanges around the world - after all, rack space in one of those is crazy cheap, and they let anyone put servers in there. Microsoft may be able to, but that doesn't help anyone else who will be subject to extortion from these scumbags. We need to improve our o

            • by Bengie ( 1121981 )
              We're not talking about "every little" web site, we're talking about the 2 biggest gaming networks in the world.

              Your NTP is a bad example because the issues being discussed focus on stateful connections that require authentication and authorization, both of which can be done at the edge. Once a connection is authenticated and authorized, then its traffic may make its way back to the datacenter. Even UDP connections could be considered "stateful" in the sense that the proxy/firewall may not allow your tr
              • You seriously want an edge router to track every user that passes through them, the same routers you say handle gigabits of traffic per second? How would you handle such authentication? Do you have to have a user account with every ISP between you and your destination?

                You don't need to authenticate users - they're already authenticated on every source ISP network, or you wouldn't be allowed to send packets at all. The problem is the ISPs are sloppy with everything after that, they assume you're legit, when

            • by Anonymous Coward

              "is an NTP request good or bad? You can't always tell the difference as they're all good, only not if you're getting 10,000 of them per second."

              As someone who works in this field... Is an NTP request good or bad? In order of processing overhead:
              1.) Is the packet 76 bytes (or 96 with symmetric signing)? Normal packet sizes for a request or response. Stops amplification.
              2.) Did you ask for it? (Most NTP doesn't expect to serve NTP requests from the Internet). Stateful filtering is hardly new.
              3.) Is it a mod
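
The first two checks in the list above (packet size, then "did you ask for it?"), as an added Python example that is not the commenter's code. It assumes the 76/96-byte figures are IPv4 total lengths with no IP options; `NtpEdgeFilter`, `STATE_TTL` and the constructed packets built by `make_packet` are hypothetical names for illustration.

```python
import struct

NTP_PORT = 123
# IPv4 total lengths from the comment: 20 (IP) + 8 (UDP) + 48 (NTP) = 76,
# plus a 4-byte key ID and 16-byte digest = 96. Assumes no IP options.
ALLOWED_LENGTHS = {76, 96}
STATE_TTL = 5.0  # seconds a request stays "asked for" (assumed value)

def parse_ipv4_udp(pkt: bytes):
    """Return (total_len, src, sport, dst, dport), or None if not plain IPv4/UDP."""
    if len(pkt) < 28 or pkt[0] != 0x45 or pkt[9] != 17:
        return None
    total_len = struct.unpack("!H", pkt[2:4])[0]
    sport, dport = struct.unpack("!HH", pkt[20:24])
    return total_len, pkt[12:16], sport, pkt[16:20], dport

class NtpEdgeFilter:
    def __init__(self):
        self.pending = {}  # (server_ip, client_ip, client_port) -> expiry time

    def outbound(self, pkt: bytes, now: float) -> None:
        """Record an NTP request leaving our network."""
        p = parse_ipv4_udp(pkt)
        if p and p[4] == NTP_PORT:
            self.pending[(p[3], p[1], p[2])] = now + STATE_TTL

    def inbound(self, pkt: bytes, now: float) -> str:
        """Verdict for a packet arriving from the Internet."""
        p = parse_ipv4_udp(pkt)
        if p is None or p[2] != NTP_PORT:
            return "not-ntp"
        total_len, src, _, dst, dport = p
        if total_len not in ALLOWED_LENGTHS or total_len != len(pkt):
            return "drop-size"          # check 1: cheapest, no state lookup
        expiry = self.pending.pop((src, dst, dport), 0.0)
        if expiry < now:
            return "drop-unsolicited"   # check 2: nobody asked for this reply
        return "accept"                 # state consumed: one reply per request

def make_packet(src, sport, dst, dport, payload_len):
    """Constructed test packet: minimal IPv4 + UDP headers, zeroed checksums."""
    total = 20 + 8 + payload_len
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 17, 0,
                     bytes(src), bytes(dst))
    udp = struct.pack("!HHHH", sport, dport, 8 + payload_len, 0)
    return ip + udp + bytes(payload_len)
```

The size check runs first because it needs no table lookup, matching the "in order of processing overhead" ordering in the comment.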

    • Dammit, get it right!

      They were just exploring for unsecured systems in order to benevolently improve the Internet.

    • Does Anonymous have teeth anymore? Since their big players were de-Anonymized and rounded up by the FBI I haven't seen them do...much...

    • Anonymous did what?

  • by teambpsi ( 307527 ) on Tuesday December 30, 2014 @11:06AM (#48696361) Homepage

    "anyone willing to pay" -- you mean like an FBI agent with a credit card?

    • by TheCarp ( 96830 )

      I wonder how much target validation they do.

      If I were sony I might pay someone to be their first customer. Target of course would be important backend infrastructure for a major retailer..... then hand them a list of DoD IPs to hit.

      Oh you want me to pay you to poke sticks at sleeping animals? Here is $10 go poke that bear.

    • by reanjr ( 588767 )

      Correction: an FBI agent with some Bitcoins.

  • Great! (Score:5, Insightful)

    by Gliscameria ( 2759171 ) on Tuesday December 30, 2014 @11:06AM (#48696369)
    Sounds like an awesome way to get caught and shut down. Keep at it boys.
  • by damn_registrars ( 1103043 ) <damn.registrars@gmail.com> on Tuesday December 30, 2014 @11:06AM (#48696375) Homepage Journal

    devastating

    No, there are lots of things that have happened in the past week that qualify as devastating, but these were not on that list. A major annoyance? Sure. Devastating? Not so much. Just because some people who paid too much for a gaming system weren't able to use it the first day after they got it; and the companies who sold it to them had to wait a little longer to get credit card numbers to charge monthly fees for these people, doesn't make it devastating.

    • by Anonymous Coward
      What do you have to support the statement that people paid too much for their gaming system? It seems like a pretty bizarre claim, maybe from someone who's projecting their poverty on to more successful people.
    • It must have been devastating to Sony's and Microsoft's profits, right? Surely these repeated demonstrations of how fragile their games and networks are would result in fewer people purchasing systems and games.
      • It must have been devastating to Sony's and Microsoft's profits, right?

        It is quite hard to demonstrate that notion, one way or the other. How many people who would have registered that day would have purchased something through it that same day? Would they not have purchased it 1 or 2 days later once things worked?

        Were any consoles returned 1 day later because they couldn't connect that day? $400 is not a trivial amount of money to spend on a gaming system; I wouldn't expect many people would give up on it after only one day - especially considering how well known the

  • Why pay for something that can be found searching duckduckgo "they have to change that name lol" for free? And it's not like these scum are what i would call a trustworthy business or humans.
  • by NotDrWho ( 3543773 ) on Tuesday December 30, 2014 @11:26AM (#48696541)

    "Just send us your address, so we can mail you the check."

  • If I'd said 10 years ago there would be hacker collectives bringing down corporate information services then selling the hacks and software for money I'd have said there's no way.... wait, I'd have probably said that sounds reasonable. Things will get much worse. Does anyone have a suggestion about how organizations can prevent these attacks? Bruce Schneier, where are you?
    • by HBI ( 604924 )

      Essentially, the solution will be a form of whitelisting. The mechanics are mutable. The free and open Internet is already dead, but the corpse hasn't been interred yet.

  • ... it's a code name for FBI sting op.

  • by trawg ( 308495 ) on Tuesday December 30, 2014 @12:07PM (#48696881) Homepage

    The positive side is that hopefully it provides further incentives for companies like Microsoft to work harder to try to mitigate DDoS problems at the source.

    Microsoft are in a unique position as their operating system is - it seems - in many cases the base platform for launching these attacks. It'd be great to see a concerted effort along with a company like Google to start actively trying to massively reduce the number of systems that are regularly involved in DDoS attacks.

    • Yeah, there you go. "Microsoft should make a secure operating system." You don't understand the problem.

      To mitigate DDoS as you say, at the OS level, we would need to make the OS only run software that the Great Benevolent Dictator allows. Microsoft could publish a list of software Microsoft has decided you can install, and you can install only those softwares. Mind you, if the softwares have any security holes, it's still possible to hack in and use the node as a DDOS source.

      Think about it. No inst

      • by JustNiz ( 692889 )

        No, the problem is that the Microsoft philosophy is still to keep layering tweaks on hacks on mods of a design that was originally intended to be an application running on a single-user PC not on a network.

        Consequently installing or even just running apps can still extend/modify/override the operating system itself i.e. write files into c:/windows and/or modify the registry (even having a registry in the first place is a completely stupid idea for exactly this and many other reasons).

        If Microsoft had ever d

        • If I got you to install a Chromium extension that started when you log into your desktop (KDE, Unity, Gnome, whatnot), I could have you install an extension which runs in the background (like Google Hangouts) and simply pings the shit out of things I tell it to.

          In other words: if I can get you to download and run a program on Linux, as a regular user, with no root privileges and no write access outside $HOME, I can turn your machine into a DDOS node in a botnet.

          The problem we have on Windows is users

          • by JustNiz ( 692889 )

            So what you're saying is that with Linux I have to do something deliberately stupid ( install an UNTRUSTED Chromium extension that started when you log into your desktop).

            Windows is FAR easier to hack than linux. I mean if nothing else just look at all the open ports on a windows box compared to a linux box.

            • So what you're saying is that with Linux I have to do something deliberately stupid

              Well, on Windows, you have to run an external program, install an extension, or use a Web browser or e-mail client with a security hole. For example, Firefox and Chrome have had dozens of bugs over the past 6 months which allowed for the automatic background downloading and executing of programs without informing the user, or which would execute some data (images, java script variables) as code (which could then download a program and run it).

              On Linux, the same has been true. If you haven't run apt-get

    • by JustNiz ( 692889 )

      True but I'm not holding my breath. Microsoft have had multiple decades to secure Windows, and still haven't done anything credible. They just keep coming up with clueless crap like UAE.

      It looks to me like this problem will only go away when people finally get a clue and stop buying/using Windows.

  • ... all the compromised boxes to set up this DDoS network run MS software, and that is licensed, so you CANNOT sell what you don't own when you own it, even if you didn't own it when you owned it.
  • I've noticed that in the leadup to these attacks somebody going by Lizardpatrol1 [wikipedia.org] had just been running around vandalizing Wikipedia. I think they're just cashing in on the instability of simultaneous new consoles being attached to sell the vapor product.
  • If their BBC interview is any indication, provide these guys/gals with your credentials and they'll gladly pass it along to the next set of bandits (GoP)... except, since this is a new service, they'll also take your money AND they'll gladly take down your organization.

    It's merely a sucker's bet.
  • It's too bad they used XBOX LIVE and PSN as the target. So people who spent their own money on something that required internet access were told "It's only a game, relax, go outside". If they really wanted to impact "real people", they'd have attacked Netflix. There's a lot of blaming the victim in this thing. You paid too much for your toy! That's what you get for trying to play games!! It's your fault for buying something that requires internet access! Bottom line is people paid for something. The compan
  • I can appreciate the skill behind a clever, intelligent hack, but DDOS is just lame squared.

    For ruining Christmas for so many kids, I hope those skript kiddie fuckers get caught and have their whole lives ruined.

    • Agreed.

      It could be that I've read too much cyberpunk, but I'd like to see MS and Sony do the catching and ruining. Assuming that these pricks aren't located entirely in a nation willing and capable of handling them legally of course.

      But how satisfying would it be if photos of their corpses with Surface Pros through their heads started appearing? Or the outlines of PlayStation controllers protruding from their necks?

  • 1. The IPs they used for the DDoS are almost certainly known now.
    2. There are several groups (Sony, FBI, probably Microsoft, some infosec companies) who want to see the botnet dismantled.
    3. As each host is remediated or blocked (ISP walled garden), said botnet shrinks.

    Unless these guys have some zero-days and malware kits up their sleeves, their DDoS capabilities will not be around for long.

  • If Microsoft wants to hire some mercenaries to deal with these dicks in a permanent fashion, I won't complain. The fact that Sony doesn't have actual ninjas on staff is a constant source of disappointment, but easily fixed.
