Lizard Squad – the infamous hacking group that brought Xbox and PlayStation networks to their knees.
Reading Time: 7 Minutes
Lizard squad was a notorious hacking group that claimed responsibility for some of the biggest hacks and DDoS attacks in gaming history, including attacks on the Xbox and PlayStation networks.
They used to disrupt streamers, game events, and studios and many of its members have been arrested over the years. Lizard Squad proclaimed themselves to be the “kings” of DDoS attacks.
First Attack on PlayStation Network, League of Legends.
The attacks started in August 2014. Lizard Squad hackers launched their DDoS attacks first on the League of Legends servers taking them offline.
Then, they proceeded to launched DDoS attacks on the PlayStation Network, as well as on servers run by Blizzard. The attacks took the networks down for nearly a whole day, causing problems to gamers worldwide.
The news for the attacks was on the front page of all media around the world due to the magnitude of the people affected.
The FBI launched an investigation into the group when the attackers twitted a bomb threat against Sony’s executive, John Smedley, which forced the flight to be diverted, causing a nationwide hunt for the group.
Lizard Squad bomb threat Tweet
A month later, in September 2014, the group launched DDoS attacks on Activision’s Destiny and call of Duty: Ghosts, as well as on EA’s FIFA, Sims 4.
Given the particular popularity of Destiny and their complete reliance on live servers, the problems caused were enormous, a lot of players were unable to login for hours.
Our first test: Parts of Destiny #offline
— Lizard Squad (@LizardSquad) September 20, 2014
Parts of Call Of Duty Ghosts #offline
— Lizard Squad (@LizardSquad) September 20, 2014
December Attacks
The majority of Lizard Squad’s online activity, outside hacking, comes via their Twitter account.
Following the attacks, the hacking group constantly provided information for their operations or threats while also claiming responsibility for the attacks through their twitter account.
Lizard Squad Tweet about nationalcrimeagency.gov.uk going offline due to DDoS attack
Lizard Squad botnet is estimated that contained somewhere between 120K and 150K bots. From pcs and routers to fridges and other smart home devices.
Lizard Squad attacks went quite over October and November, preparing themselves for their largest attack yet.
On December 1st and 8th 2014, the hackers resurfaced, taking Xbox and PlayStation networks respectively offline again.
Xbox users reported that attempting to connect and use the service would give them an ‘80151909’ error code.
On December 2nd, the group hacked the machinima.com website and replaced their front page with the ASCII art of their logo.
ASCII Lizard Squad logo on the defaced machinima.com website
After the attacks in December, the Twitter account of the Lizard Squad’s members warned that they would continue the attacks on Christmas.
“That’s a small dose of what’s to come on Christmas,” reads their account, which later added: “Sony had it worse.”
Xbox Live #offline
— Lizard Squad (@LizardPatrol) December 2, 2014
On the 22nd of December, North’s Korea Internet access went dark. The mystery behind the motive of the 9,5-hour outage was still unknown until the members of the Lizard Squad claimed responsibility for the attack and linked an IP address located in North Korea.
Further attacks, Christmas attacks
On December 25, 2014, the Lizard Squad hackers who had previously threatened to take down gaming services on Christmas, followed through on their promise and launched DDoS attacks on the PlayStation Network and Xbox Live.
The attacks caused widespread anger among gamers around the world. The attacks stopped only when the Internet entrepreneur Kim Dotcom offer 3000 vouchers for his Mega cloud storage service, worth $99 each.
Attacks on Tor, Sybil attack, Malaysia Airlines
The group twitted that they were no longer attacking the gaming giants but on the Tor network.
To clarify, we are no longer attacking PSN or Xbox. We are testing our new Tor 0day.
— Lizard Squad (@LizardMafia) December 26, 2014
On December 26, the hacker group launched a Sybil attack, (A Sybil attack is a kind of security threat on an online system where one person tried to take over the network by creating multiple pseudonymous nodes, accounts, etc.) which involved more than 3000 relays against the Tor network.
‘LizardNSA’ nodes began appearing on the network.
In the first month of 2015, on January 26, the website of Malaysia Airlines was attacked by Lizard Squad, calling itself a ‘cyber caliphate’.
Users were getting redirected to another page with an image of a tuxedo-wearing lizard, and reading ‘Hacked by Cyber Caliphate’.
The page also had the headline ‘404 – Plane Not Found’, an apparent reference to the airline’s loss of flight MH370 the previous year.
404 – Plane Not Found – Defaced Malaysia Airlines website
Customer data were not compromised and the flight bookings didn’t get affected.
A new squad of hackers emerges, Finest Squad
A group known as the Finest Squad emerged in December of 2014 with the intention of bringing Lizard Squad’s actions to an end.
The Finest Squad members managed to break into the public Twitter accounts and websites of the Lizard Squad members and released their public information, such as names and photographs of them online.
The members of Lizard Squad went silent, and it is not yet clear how the Finest Squad members uncover their personal information.
Finest Squad defaced Lizard’s Squad Website while also exposing members.
They also revealed how the Lizard hackers managed to take the video game networks down and even submitted information about the vulnerabilities discovered to the video game networks that were under attack.
Tweet – [https://twitter.com/FinestSquad/status/544154421580808192 ]
Known members arrests and names.
Julius Kivimäki, ‘zeekill’
Julius was a 17 years old Finish teenager at the time of conviction. He was convicted of 50700 charges related to computer crimes. The charges against Julius included data breaches, felony payment fraud, telecommunication harassment, and other counts related to fraud and violations of company secrets.
He received a two-year suspended sentence, undergoing monitoring of his online activities, but he didn’t serve any time in prison.
Julius Kivimäki, ‘zeekill’ in a recent interview
Vinnie Omari
Vinnie was 22 at the time, and he was from Twickenham, south-west London. He claimed responsibility for the Christmas attacks, and he was arrested by the police in the UK.
Zachary Buchta – ‘fbiarelosers’
Zachary was 19 years old at the time of his arrest. He was from Maryland, and he was one of the members behind the DDoS attacks against multiple gaming networks. He was charged with computer crimes associated with a series of DDoS attacks, stolen credit cards, and selling DDoS-for-hire services.
Bradley Jan Willem van Rooy – ‘UchihaLS’
Bradley was also 19 years old at the time of his arrest. He was from the Netherlands and he was charged with the same charges as Zachary. He also was one of the managers behind the Twitter account of Lizard Squad.
Conclusion
While the video game industry is no longer stranger to anonymous online attacks, be they outright hacking, DDoS attacks, etc., the case of the Lizard Squad escalated dramatically with the bomb threat. Even if the video game industry suffers from its shared of toxic players and fans at times, rarely do things escalated to this level of harassment.
Playstation and Xbox’s networks seem to be more stabilized these days, with more robust and improved defenses for these kinds of attacks. Maybe one of the reasons behind the improved robustness of their network could be the Lizard Squad attacks and the scare it caused to the gaming community worldwide.
References:
⦿ What will happen to the Lizard Squad hackers? | Hacking | The Guardian
⦿ Who are Lizard Squad? The hackers who took down PSN, Xbox Live and Facebook
⦿ Lizard Squad Hack PlayStation and Xbox
⦿ Lizard Squad Hacker Who Shut Down PSN, Xbox Live, And An Airplane Will Face No Jail Time
⦿ Why Hacker Gang ‘Lizard Squad’ Took Down Xbox Live and PlayStation Network