Category Archives: DDoS Criminals

Hacker Group ‘Lizard Squad’ Hits Xbox Live and PlayStation Network with DDoS Attacks

A hacker group used distributed denial of service (DDoS) attacks against two giants in the gaming industry, causing widespread service outages among users. First, Lizard Squad, the self-professed “king of DDoS,” took down Xbox Live early last week. The ensuing outage lasted all of Monday night, with Microsoft support announcing that service had been restored on Tuesday. Shortly after the service interruption occurred, Lizard Squad tweeted “Xbox Live #offline” and announced that they would gift Microsoft a “wonderful” Christmas present this year. It would appear the group is living up to its promise. Later on Friday, Lizard Squad brought down Xbox Live again with another DDoS attack. Xbox 360 users were disproportionately affected by the group’s second attack against Microsoft that week, though Xbox One also experienced some problems. Then late last night on Sunday, Lizard Squad shifted its focus to Sony, which is still in the process of investigating a massive hack, and used a DDoS attack to bring down Sony Entertainment’s PlayStation Network (PSN). The group has also claimed responsibility for bringing down Sony’s online PlayStation store, replacing the homepage with the text, “Page Not Found! It’s not you. It’s the Internet’s Fault.” While service has been restored to PSN, the PlayStation store outage is still ongoing as of this writing. Sony is no stranger to Lizard Squad. The hacker group attacked the tech giant in August earlier this year, causing a massive service interruption among North American users. The group shortly thereafter tweeted that explosives were aboard an American Airlines flight on which Sony Entertainment President John Smedley was flying, causing the plane to be diverted. These recent attacks against Xbox Live and Sony are just the beginning, according to Lizard Squad. 
The hacker group has announced that on Christmas Day it will bring down Xbox Live, only this time it promises that the attack will irreversibly cripple the service, causing the outage to last “forever.” Whether the hacker group makes good on this promise remains to be seen. In any event, we can certainly expect additional attacks from Lizard Squad before this holiday season is over. Source: http://www.tripwire.com/state-of-security/top-security-stories/hacker-group-lizard-squad-hits-xbox-live-and-playstation-network-with-ddos-attacks/


Fort Lauderdale Website Under DDoS Attack Again

The City of Fort Lauderdale announced Wednesday that it may have to disconnect its Internet service at different points due to another attempted denial of service attack on the city’s website. Fort Lauderdale recently saw its home page and the website for Mayor Jack Seiler both hit by denial of service attacks at the hands of Anonymous. The hacker collective launched the DDoS attack to try to change the homeless feeding ordinance and other city rules. The first Anonymous DDoS attack kept the home page inaccessible for several hours. The city said Wednesday that it is working with its Internet Service Provider to mitigate risk and safeguard the system. However, the city said there may be service interruptions and intermittent website performance due to the possible new attack. Source: http://www.nbcmiami.com/news/local/Fort-Lauderdale-Website-Under-Attack-Again-284672121.html


Google reels under DDoS attack

Google, it seems, has the eye of Sauron upon it. About 10:30 am IST, all of the monolith’s services went offline, including Gmail and the all-important Google search engine. Since then, services have been restored one at a time. Google search and Gmail were resurrected around 11:20 am, while Google Drive and Gmail Chat only made their way back around 11:42 am. Panic was rampant on Twitter, as more and more people discovered they couldn’t log on, but it seems to be settling down now. So why was #GoogleDown? Well, Digital Attack Map, ironically also a Google property, points to a possible DDoS attack on Google’s servers. A Distributed Denial of Service (DDoS) attack is when a malicious group uses multiple systems to bombard a server with unnecessary traffic, in an attempt to make it crash. No hacker group has taken credit, and Google has not yet commented, as of this time. Source: http://www.dnaindia.com/scitech/report-google-reels-under-ddos-attack-2040211


DDoS attack takes down X-Box Live, FBI warns businesses of new hacking threats

Cyber Monday appears to be a good time for cyber attacks. A group calling itself Lizard Squad said it has taken down Xbox Live. The outage started Monday night and has gamers complaining that they can’t access their systems. The group posted a message to Twitter Monday evening: The group appears to have launched a DDoS (distributed denial-of-service) attack, a fairly common way to take a site offline. Gaming sites said the Lizard Squad has been attacking gaming services for several months, including PlayStation, Destiny and several EA games. The group made similar threats to bring the sites down at Christmas. Meanwhile, the FBI is warning businesses that hackers are using malicious software to launch a series of attacks on the U.S. Over the weekend, Sony Pictures Entertainment was hacked, resulting in five films, including the company’s new version of “Annie,” being leaked online. The FBI sent out a confidential five-page memo to businesses Monday warning of the possibility of similar attacks, CNBC reported. The Sony attack is believed to have come from North Korea, which had threatened retribution for an upcoming film about its leader Kim Jong-un. North Korea has complained the film, “The Interview” – which includes a plot to assassinate the leader – was state-sponsored “terrorism.” North Korea has appealed to the United Nations to stop distribution of the film. The FBI is investigating the attack. Source: http://www.al.com/news/index.ssf/2014/12/ddos_attack_takes_down_x-box_l.html


SK Internet down after DDoS Attack

SK Broadband, one of the largest providers of broadband Internet access in Korea, was hit by a Distributed Denial-of-Service (DDoS) attack over the weekend, disconnecting its Internet services for about an hour. DDoS is a kind of cyberattack in which multiple compromised systems are used to target a single network or a machine and make it unavailable to users. On Saturday at 10:55 a.m., the traffic on SK Broadband’s DNS server soared up to 15 million packets per second (PPS), from its usual average of about 1 million PPS. PPS refers to the number of database transactions performed per second. The Ministry of Science, ICT and Future Planning said it blocked the cyberattack on SK Broadband and a smaller attack on LG U+ with the help of the Korea Internet Security Agency (KISA) and was able to normalize the service in 70 minutes. SK Broadband users near Seocho and Dongjak districts in southern Seoul were without Internet from 10:55 a.m. until 12:05 p.m. on Saturday. There was also a mild attack on LG U+, the nation’s third-largest mobile carrier, but it did not have a noticeable effect on the carrier or its users, according to the ministry. The investigative team at the Science Ministry has confirmed 1,030 Internet Protocol addresses used in the DDoS attack and is analyzing SK’s DNS server log. SK Broadband said it is planning to collect and analyze the malware codes used in the attack after it identified zombie PCs among the users. “It’s not the first time that a mobile carrier has been attacked by DDoS. We are investigating where the attack came from and the exact causes,” said Lim Young-seok, a manager at SK Broadband. “It could take a month, as in the case of previous cyberattacks on banks.” However, information security companies suggested that the DDoS attack on the mobile carrier and the Internet service provider could be a prelude to a larger cyberattack. 
Increased malware activity was recorded ahead of massive cyberattacks on three Korean television stations and a bank on March 20 and a June 25 attack on the Blue House website. Bitscan, a local securities company, warned that malicious links are at their most active point this year. “As malwares hover between wired and wireless networks, PCs and mobile devices that are vulnerable to cyberattacks will likely see huge damages,” said a spokesman for Bitscan. Source: http://koreajoongangdaily.joins.com/news/article/Article.aspx?aid=2997940


Sony Pictures Entertainment Disabled by Cyber Attack

The company’s corporate networks and email were taken offline following the attack. Variety reports that all Sony Pictures Entertainment employees were advised on Monday, November 24, 2014, not to connect to corporate email or corporate networks following a breach by hackers calling themselves “Guardians of Peace,” or #GOP. Deadline.com reports that Sony Pictures’ computers were still down worldwide as of the following day, November 25, 2014. According to The Verge, company computers were defaced with a message stating, “Hacked By #GOP.” “Warning: We’ve already warned you, and this is just a beginning,” the message adds. “We continue till our request be met. We’ve obtained all your internal data including your secrets and top secrets. If you don’t obey us, we’ll release data shown below to the world.” Below the message was a list of five links to zip files allegedly containing stolen data. A Reddit post examining the zip files reports that they contain several files named “private key,” along with Excel files named “passwords” and PDF files named “Diaz, Cameron – Passport.pdf” and “Angelina Jolie passport.pdf.” Another poster found what appear to be weekly Excel file backups of a 1Password database. In an email sent to The Verge, a GOP hacker claimed they were assisted by insiders at Sony, stating, “Sony doesn’t lock their doors, physically, so we worked with other staff with similar interests to get in.” HyTrust vice president Michele Borovac told eSecurity Planet by email that this appears to be yet another example of a massive insider breach. “While it’s possible that the statements made by the attacker are just bluster, the reality is that privileged user credentials can give a hacker the keys to the kingdom,” she said. “Organizations must take steps to gain control and maintain visibility over these administrative ‘super user’ accounts if they want to prevent — or at least contain — these types of attacks,” Borovac added. 
A Courion survey recently found that IT managers are overconfident about their ability to prevent insider breaches, while a SpectorSoft survey found that 61 percent of IT professionals say they’re unable to deter insider threats. A recent eSecurity Planet article offered advice on how to defend against such threats. Incapsula security researcher Ofer Gayer told eSecurity Planet that the Sony attack is a hard blow for the company, particularly coming so soon after Sony’s networks were taken offline by a DDoS attack in August 2014. “As we’ve seen, these attacks can have a devastating effect on a company, its employees and its clients,” Gayer said. “Releasing private data (dubbed ‘d0xing’ in internet slang) or losing it all completely takes a dangerous step forward from plain old data theft, and as these types of attacks gain popularity, CISOs will be under heavier pressure to prevent them.” Source: http://www.esecurityplanet.com/network-security/sony-pictures-entertainment-disabled-by-cyber-attack.html


Cleveland city website shutdown due to DDoS Attack

In retaliation for the police killing of a twelve-year-old boy in Cleveland and the fact that the names of the police officers who shot him have not been released yet, the hacker group Anonymous claimed responsibility for shutting down the Cleveland city website early on Monday, reports VICE News. Anonymous is a loosely associated international network of activist and hacktivist entities. Anonymous is made up of individuals who hack into computer systems without permission and take data such as communications records, names, addresses, phone numbers, and credit cards. The group has become known for a series of well-publicized publicity stunts and distributed denial-of-service (DDoS) attacks on government, religious, and corporate websites. The hacker group claimed responsibility for shutting down the Cleveland city website after the boy in Cleveland died due to injuries sustained in the police shooting. The boy was shot by police after he displayed a replica gun at a Cleveland recreation center. The Cleveland Police Department said in a statement that the child had not complied with orders to raise his hands. Instead, he apparently reached towards his waistband for the replica gun. The child had reportedly been pointing the toy weapon at members of the public outside the Cudell Recreation Center, prompting a 911 call, reports Reuters. The boy was taken to Metro Health Hospital for surgery on Saturday and remained in critical condition until his death early Sunday. The two officers involved in the incident were placed on administrative leave. One of them was treated at Fairview Hospital for an ankle injury, reports Reuters. According to a report on Cleveland.com that cited the deputy chief of police, Rice did not confront the officer verbally or physically. His father, Gregory Henderson, has questioned the use of lethal force, saying, “Why not taze him? You shot him twice, not once, and at the end of the day you all don’t shoot for the legs, you shoot for the upper body,” as reported by VICE News. The Department’s Use of Deadly Force Investigation Team is currently investigating the incident. Source: http://sputniknews.com/us/20141125/1015137543.html


DDoS attacks: Will Black Friday see upturn in web site attacks?

With Black Friday, Cyber Monday and the busiest online shopping season heading into full swing, it’s a favourite time for cybercriminals hoping to cash in on the holiday hoopla. “The amount of breaches and stolen identities went up drastically in October, November and December of last year,” said Alexander Rau, national information security strategist with Symantec Canada. “There’s more online shopping going on. People are crazy about Black Friday (Nov. 28, the day after the American Thanksgiving) and Cyber Monday, people want to get the best deal in the fastest time. “If there’s a lot of traffic, that’s where the attackers and the hackers go to try to steal information if they can.” It’s not only about stealing credit card credentials — that aspect of online chicanery, while still prevalent, is only a small part of cybercrime. On the consumer side, more important to criminals now is the ability to compile entire dossiers on their victims, so when the stolen credit card data is no longer usable they still have enough personal data to carry out sophisticated identity theft scams, which can include buying cars, taking out mortgages in their victims’ names and other fraud. Companies are under increasing attacks for all manner of gain. In the hectic shopping season, keeping transactions secure is only one part of the challenge. Distributed denial of service, or DDoS, attacks can take down websites by overloading them with bogus traffic. While DDoS attacks are common in games such as Minecraft, in which competitors use them to gain an edge, or in business or for political protest, unscrupulous website operators can also use them to take a retail competitor offline during the busiest online shopping days of the year. 
“A distributed denial of service attack basically means that someone, in that case the attacker, is flooding a service like a web server with just garbage traffic,” said Candid Wueest, a security researcher with Symantec Security Response and author of a recent report on the evolution of DDoS attacks. “You can compare it in real life to heavy rain, and your flood drains can’t cope with all the water coming in. Now someone opens the floodgates and sends a lot of water toward you. So you’re going to be underwater and not responding to any requests, even the one from the shopper that you actually want to.” Wueest said 2014 has seen an increase of 183 per cent of just one type of attack. “They are getting stronger but sometimes also shorter,” he said. “We know sometimes to take down an online service, often it’s enough to take it down for a few minutes or a few hours, and then the word will spread and people will start shopping at a different location. It’s not uncommon that we see it during seasons like the Black Friday shopping weekend.” In the lead up to Black Friday and Cyber Monday, Wueest said already some sites are being targeted by extortionists. In the digital world, protection money is demanded as the price of leaving a website online. “What they’ll do is inform the companies, the online shops, previous to the weekend, they’ll tell them, ‘Look, you’re either going to pay us $800 … and if you don’t do it we’re going to take down your business for a few hours.’ “In the end, it’s a classical extortion, which you obviously shouldn’t respond to but it’s hard because in the online world, it can damage your brand and obviously your sales if you’re not available during the peak hours.” Where is the computing power coming from to launch these attacks? If your computer is infected with a virus, it could be what is referred to as a bot, assembled into a botnet army under the command and control of the attacker. You don’t have to be a computer genius to launch an attack. 
Now for the price of a Starbucks eggnog latte you can get a website taken down for an hour. “There are services which offer it for as little as $5 for one hour, meaning you pay $5 through any online currency like bitcoin or something else and they will make sure that your competitor, your enemy for online gaming, or maybe a newspaper that you didn’t like is taken off for one hour, one day or even one week,” Wueest said. For consumers, there are other things to worry about besides whether or not their favourite online shopping site is available. Identity theft is becoming more and more sophisticated and data breaches — in which companies such as Target and many others have lost personal and financial information on their customers — can leave a ticking time bomb. Long after your credit card is cancelled and you’ve let the credit-monitoring service expire, the personal data about you could be assembled in new ways to make money. “There’s a number of things that people can do to protect themselves from a lot of these different kinds of scams that are going to take place during the holidays. They do every year. This year nobody expects it to be any different” said Bob Hansmann, director of product security for Websense, a computer security company. “Essentially you want to keep your eye out for deals that look too good to be true — they typically are. Any links inside an email or even some web pages — you’re going to want to be a little wary of it. “Make sure your anti-virus software is up to date. If you’re using a Windows machine, make sure it’s patched. Make sure you’re following the normal be-careful kinds of maintenance things, and that can eliminate a lot of these kinds of risks.” Source: http://blogs.vancouversun.com/2014/11/24/ddos-as-a-service-will-black-friday-see-upturn-in-web-site-attacks/


‘DerpTrolling’ hacker group responsible for DDoS attack on Warcraft servers

According to a CNET report, a hacker group which calls itself ‘DerpTrolling’ has recently claimed responsibility for a series of distributed denial of service (DDoS) attacks on game servers for Blizzard Entertainment’s World of Warcraft online RPG. The DDoS attack which the DerpTrolling hacker group launched on the Warcraft servers crippled the servers during the launch weekend of the Warlords of Draenor game. Claiming responsibility for the attack, DerpTrolling hackers have disclosed that they had managed to seize a massive amount of user data. According to the hacking group, the user data which has been seized as a result of the attack on Warcraft servers includes login details, password, email, and credit card information from PlayStation Network accounts as well as 2K accounts. In an elaboration of user data to which it has gained access, the DerpTrolling hacker group said in a statement to CNET: “We have 800,000 from 2K and 500,000 credit card data.” The group further declared that it has approximately “2 million Comcast accounts, 620,000 Twitter accounts, 1.2 million credentials belonging to the CIA domain, 200,000 Windows Live accounts, 3 million Facebook, 1.7 million EA origins accounts, etc.” Asserting that it has altogether seized nearly 7 million usernames and passwords from its raids, the hacker group has somewhat substantiated its claim by releasing a partial list of the hacked accounts as evidence. Source: http://uncovermichigan.com/content/22039-derptrolling-hacker-group-responsible-ddos-attack-warcraft-servers


Toronto Police Service website down after DDoS attack

The Toronto Police Service website went down on Sunday evening after a Twitter user threatened to hack it. According to police, the site was the subject of a Distributed Denial of Service (DDoS) attack. Twitter user @AerithTOR claimed responsibility for the attack on the social networking site. A DDoS attack floods a website with requests, and if the website’s server cannot handle the volume of requests, the website crashes. @AerithTOR also suggested that they would be targeting the Conservative Party of Canada and Parliament of Canada websites. Both sites were online Sunday night. The Ottawa Police Service and Supreme Court of Canada websites went down on Saturday evening. The Ottawa police website was still down as of Sunday night. The City of Ottawa website was hacked Friday evening and replaced with a black screen and a dancing banana, along with a message attributed to @AerithXOR. @AerithTOR claimed this was his former account and said it had been suspended. The message the hacker left on Ottawa’s police website contained the name of an area police officer. The officer was involved with the investigation of an Ottawa teen who is alleged to have made calls reporting fake emergencies to emergency services agencies across North America. Toronto police were unavailable for further comment. The Toronto Police Service website remained offline on Sunday night. Source: http://www.thestar.com/news/crime/2014/11/24/toronto_police_service_website_down_after_ddos_attack.html
