Hacker group Phantom Squad plans to shut down Xbox Live and PlayStation Network on Christmas. Forget the Grinch, there’s someone else who wants to steal Christmas. Phantom Squad, an online hacker group, has threatened to shut down Xbox Live and the PlayStation Network this Christmas by unleashing a series of DDoS (distributed denial of service) attacks — coordinated barrages of falsified incoming server traffic that causes the system to crash. DATA BREACHES AND CYBERATTACKS IN 2015 “We are going to shut down Xbox Live and PSN this year on Christmas,” the hackers tweeted. “And we are going to keep them down for one week straight. #DramaAlert.” We are going to shut down Xbox live and PSN this year on christmas. And we are going to keep them down for one week straight #DramaAlert — Phantom Squad (@PhantomSqaud) December 9, 2015 This could cause a big problem, because a lot of people are expecting to receive new gaming consoles on Dec. 25. If Phantom Squad is successful, this would be the second year in a row that these gaming networks go offline. Last year, the infamous hacker group Lizard Squad took credit for shutting down Xbox Live and PSN for two days. The group demanded more retweets and Twitter followers in exchange for restoring the servers. Phantom Squad, which said it has no relation to Lizard Squad, claims they’ve previously performed smaller outages on the gaming community servers, as well as other website such as Reddit. The group also explained in a tweet why it is that they perform these attacks. “I get asked a lot on why we do this? Why do we take down PSN and Xbox Live?” the tweet reads. “Because cyber security does not exist.” Sony and Microsoft have both received a series of attacks over the past year, but it’s still unknown what tactics they’ve developed to try and avoid these issues. Kim Dotcom, the infamous Internet entrepreneur behind Megeupload, has warned Sony and Microsoft that the attack could be avoided if they update their servers. “Warning @Sony & @Microsoft. You had 1 year to upgrade your networks. If Lizard Squad takes down PSN & XBOX this Xmas, we’ll be pissed! RT!,” Dotcom tweeted. Dotcom, who is also a gamer, helped stop last year’s attack by promising the hackers 3,000 accounts on his encrypted upload service Mega. While Sony and Microsoft work on strengthening their servers, people who bought a console as a gift this Christmas can unbox it, plug it in, and download all the updates as soon as they buy it. This process will let them at least play games offline on Christmas. Otherwise, if the hackers release a DDoS attack, the console will be useless without being powered on and updated. Source: http://www.nydailynews.com/news/national/hackers-plan-ddos-attack-psn-xbox-live-christmas-article-1.2467876
Link:
Hacker squad plans DDoS attacks on PlayStation Network, Xbox Live this Christmas
Cyber-crime syndicates are moving in, pushing script kiddies out of the picture, expect more large-scale attacks After the success of DDoSing outfits like DD4BC and Armada Collective, an unknown copycat that’s using the Armada Collective name but asking for astronomical payments has appeared. A report from Recorded Future, a real-time threat intelligence protection company, shows that DDoS-for-Bitcoin extortion schemes are here to stay, with more and more attacks being launched solely for this reason. DD4BC have launched a new type of extortion scheme This trend can be tracked down to an Akamai report released over the summer that documented the actions of a hacking group known as DD4BC (DDoS 4 Bitcoin). This group launched DDoS attacks on companies around the world, requesting small payments in Bitcoin for each target. The group’s scheme was a simple one. They would send threatening emails to business owners, saying they would launch powerful DDoS attacks if a ransom was not paid in due time to a specific Bitcoin wallet. To prove their point, a small 15-minute DDoS was launched to showcase their capabilities. DD4BC’s scheme proved to be extremely lucrative and allowed them to rack up Bitcoin over the past year in over 140 DDoS attacks. The group was active since late 2014 and suddenly stopped its activity after the Akamai report was released, probably to avoid getting caught by law enforcement authorities alerted to their scheme. Enter Armada Collective Soon after, the first DD4BC copycat arose, in the form of the Armada Collective hackers, carrying out DDoS attacks on small businesses in Switzerland. They then expanded to email providers, and their name became known around the world in the famous ProtonMail incident. The incident is very well documented in one of our previous stories , but we’ll give you a small summary. Basically, Armada Collective followed the DD4BC regular tactics, sending an email and launching a small 10-15 Gbps DDoS attack on ProtonMail. Armada Collective returning ransom to ProtonMail As soon as the attack ended, ProtonMail revealed what happened, and more serious attacks took place, with ProtonMail paying the ransom in the end. Armada Collective denied any involvement and even went as far as to return the ProtonMail ransom, putting the blame on a state-sponsored actor with capabilities that far exceeded its own. Enter the unknown copycat But something else happened recently that made the Recorded Future team stop and ponder about the bigger picture, and that’s the DDoS-for-Bitcoin attacks on three major Greek banks . With DD4BC and Armada Collective always launching small-scale attacks and requesting modest ransoms (the equivalent of a few thousand dollars), this new group attacking Greek banks does not fit the bill. While the attacks of DD4BC and Armada Collective seem to be the work of script kiddies, the ones that brought down ProtonMail and the three major Greek banks were massive in scale. Coupled with the fact that this new group also requests ransoms in the order of millions of dollars, there are clear signs that they are a copycat that’s trying to remain hidden by passing as Armada Collective (as stated in the email sent to the Greek banks). With the number of DDoS-for-Bitcoin attacks on the rise, this type of cyber-threat is about to evolve from the work of script kiddies to the normal MO of larger cyber-criminal syndicates.