LIZARD SQUAD is Back. Planning XBL Attack. "Biggest attack yet". [UP: XBL/PSN Down]

Yup. China is currently the largest culprit here, having millions of infected PCs. South Korea comes in a close second, due to their superfast internet and "cyber cafe" culture where cheap PCs are set up to be rented out to play games on, and they're usually quite infected.

MS should just cut off Chinese data transmission the second they see the rise in data traffic from China ;-)

Bad for the 3% Chinese xbox users but the other 97% of xbox users around the world would not see a problem.

But probably it will not be that easy :-)
 
Your PC would have to have no antivirus, firewall, or basic safeguards against infection. That's probably a tall order for an internet-aware poster on GAF.

The thing about malware is that it's a constant arms race. Even the best antivirus does nothing to protect the user against malware, since malware is just regular software, no viruses. It, technically, isn't doing anything an antivirus is worried about. But anti-malware software, like Malwarebytes, scans specifically for things like software that is doing something it's not supposed to - but each time Malwarebytes identifies and inoculates against one type of malware, a new strain arrives that doesn't set off any alarms.

You know those people who just click "next next next" when installing software from the internet, like say, a YouTube video downloader, etc - they're usually installing malware too, without realizing it. Toolbars for browsers, browser extensions, that all look harmless - but make your PC a part of a botnet.

So yeah, while GAF might not be a major contributor here, millions of random college kids, internet cafe users, around the world... does add up. And when OS creators try to help, by putting in things like UAC in Windows, people turn it off since the constant "do you want to run this?" messages annoy them.

Humans are the problem. :P
 
The thing about malware is that it's a constant arms race. Even the best antivirus does nothing to protect the user against malware, since malware is just regular software, no viruses. It, technically, isn't doing anything an antivirus is worried about. But anti-malware software, like Malwarebytes, scans specifically for things like software that is doing something it's not supposed to - but each time Malwarebytes identifies and inoculates against one type of malware, a new strain arrives that doesn't set off any alarms.

You know those people who just click "next next next" when installing software from the internet, like say, a YouTube video downloader, etc - they're usually installing malware too, without realizing it. Toolbars for browsers, browser extensions, that all look harmless - but make your PC a part of a botnet.

So yeah, while GAF might not be a major contributor here, millions of random college kids, internet cafe users, around the world... does add up.

Agreed. I'm just making the reasonable guess that (at the very least) people in this thread are on the up and up with regards to the personal security of their computer. No need for some to fear-monger by telling people to check their router or whatever.
 

I wonder if this will be the mistake they make.

They only have to trip up once to screw themselves over.

It's a waiting game really, it's too resource intensive to go full throttle after them because they aren't a threat, they are causing tremendous monetary damage and fucking up many people's Christmas holidays, and I'm talking more about Engineers and such here more than gamers, but they aren't a threat to security currently so agencies aren't assigning a lot of resources to them, yet.

Eventually they will get too cocky and make a mistake and reveal themselves, or this will just catch up with them.

DDoS attacks can cost companies literally millions, it's not a laughing matter really.

Watching Norse is like watching fireworks today, insane.
 
Is this confirmed Lizardsquad again?

Lizard claims they've stopped, and are focused on something else (the Tor network). However the Norse darknet is still showing a *redonkulous* amount of attacks hitting the US right now, like, seriously. My browser can't even handle showing what is likely 2% of the actual scope of attacks.

So who knows what's going on by now - copycat groups might be using this time to just do some damage while they can, since everyone will think it's LS.
 
Went out and bought GTA V and Second Son because I had no games. Expected this to be resolved by now. Oh well, if the attacks are truly over and Sony and MS are fixing servers, they should be up by tonight or later this afternoon. Until then, it's GTA and Giant Bomb GOTY for me. Kinda excited to see if these fuckers get caught.
 
According to a source of mine, the people responsible are despicable assholes.

Took a day off to enjoy the PS4, play some War Thunder, cash in on some PS+ funds.

Fail.
 
Lizard claims they've stopped, and are focused on something else (the Tor network). However the Norse darknet is still showing a *redonkulous* amount of attacks hitting the US right now, like, seriously. My browser can't even handle showing what is likely 2% of the actual scope of attacks. So who knows what's going on by now - copycat groups might be using this time to just do some damage while they can, since everyone will think it's LS.

Why would copycat groups attack when they'll get none of the attention?
 
Why would copycat groups attack when they'll get none of the attention?

This is conjecture, but - traditionally, large-scale DDoS attacks are used as a smokescreen to hide more malicious things, like *actual* hacking into secure places made unsecure due to their infrastructure being toppled. I wouldn't be surprised if a few groups are using yesterday's mess, and today's mess, to try and hit some payday by getting info or data they can sell. But I'm just guessing. Regardless, the two publicly-visible darknets that show DDoS activity are showing way higher than normal action, for whatever reason.
 
Lizard claims they've stopped, and are focused on something else (the Tor network). However the Norse darknet is still showing a *redonkulous* amount of attacks hitting the US right now, like, seriously. My browser can't even handle showing what is likely 2% of the actual scope of attacks.

So who knows what's going on by now - copycat groups might be using this time to just do some damage while they can, since everyone will think it's LS.

US is always getting hammered on that map :/ also it doesn't actually track real time attacks on other servers, it basically has servers all over the world that look like they have sensitive/useful/important data on them and then records traffic to/from those.
 
US is always getting hammered on that map :/ also it doesn't actually track real time attacks on other servers, it basically has servers all over the world that look like they have sensitive/useful/important data on them and then records traffic to/from those.

Yup, Norse and Arbor have their own darknets, or "network telescopes" as they're called, seeded with thousands of honeypots and general sensors on various IP ranges, which they use to get a kind of "snapshot" of data hitting wide on the internet. Like buoys out at sea that track the weather, acting as an early warning system for storms.
 
This is conjecture, but - traditionally, large-scale DDoS attacks are used as a smokescreen to hide more malicious things, like *actual* hacking into secure places made unsecure due to their infrastructure being toppled. I wouldn't be surprised if a few groups are using yesterday's mess, and today's mess, to try and hit some payday by getting info or data they can sell. But I'm just guessing. Regardless, the two publicly-visible darknets that show DDoS activity are showing way higher than normal action, for whatever reason.

great post.

DDOS attacks are usually used by actual hackers to monitor how an organization responds to the attack. over time analytics will show trends. you can then use a DDOS attack to make everyone focus their resources to combat the DDOS attack, and letting their guard down in other areas.
 
You are right - and have a right to be angry. Sony does need better infrastructure, and might want to invest in a new or better DDoS mitigation partner. But it is simply impossible to outright prevent any kind of poor end-user experience when a DDoS of this size is aimed at a company's online assets. It's a problem with the entire way the internet works, sadly.

What is the actual size of the attack though? The idea that seems to be floating around right now on Gaf paints a group of sad outcast kids with no real hacking knowledge or skill playing with a botnet they barely understand. Or is it actually the fiercest and larger scale ddos attack ever carried out against an entertainment services provider? Cause it can hardly be both.
 
This is conjecture, but - traditionally, large-scale DDoS attacks are used as a smokescreen to hide more malicious things, like *actual* hacking into secure places made unsecure due to their infrastructure being toppled. I wouldn't be surprised if a few groups are using yesterday's mess, and today's mess, to try and hit some payday by getting info or data they can sell. But I'm just guessing. Regardless, the two publicly-visible darknets that show DDoS activity are showing way higher than normal action, for whatever reason.

Not really related but someone did hack my twitter (I barely ever use it) this morning and followed a bunch of gaming/Esports people on twitter.

I think it's actually more related to the adobe hack a year or two back though.
 
What is the actual size of the attack though? The idea that seems to be floating around right now on Gaf paints a group of sad outcast kids with no real hacking knowledge or skill playing with a botnet they barely understand. Or is it actually the fiercest and larger scale ddos attack ever carried out against an entertainment services provider? Cause it can hardly be both.

it can be neither, too.
 
This is just completely unacceptable now! Both Sony and Microsoft get taken down, no surprise that XBL is getting going again much faster than Sony. I do not own an XBone, but I do own a 360, and I never experienced anything yesterday. Unlike PSN on my PS4. I own a PS3 and its core service was back up late last night. The PSN Store isn't though. And here in south Missouri I still have nothing on my PS4. I could play something offline, but my experience is that when I earn a trophy offline it doesn't register even when online services are running and I get logged on. So I'm not wasting my time. I'll play some backlogged games on my 360. Sony needs to take a hard look at ways to prevent this sh!t from happening again. It happens every month or so. PSN should be CPSN (Can't Play Sh!t Network)!

Also the rumor that Sony is giving a "Welcome Back" package, 2 free games, better be true. And M$ should do the same. We deserve, NO! WE ARE ENTITLED TO THEM because of their incompetence to keep networks up through attacks. I used to work for an ISP and DDoS attacks went through our networks all the time. It is NOTHING to stop them even before they go through to their intended destination.

lol, such vigor.
 
What is the actual size of the attack though? The idea that seems to be floating around right now on Gaf paints a group of sad outcast kids with no real hacking knowledge or skill playing with a botnet they barely understand. Or is it actually the fiercest and larger scale ddos attack ever carried out against an entertainment services provider? Cause it can hardly be both.

Some sources put yesterday's attack at 400Gbps - which is only a baseline, since smurfing and amplification can make that number a whole lot bigger on the receiving end. A very large botnet, primarily situated in China, is doing the attacking.

The botnet is large, and was/is engaging in a pretty big DDoS against PSN and XBL, currently Tor. The question is, who told the botnet what to attack?

Anyone can buy access to a botnet if you know where to look, and the more you pay the more power you can buy into. So yes, if Lizardsquad really is instigating these attacks, it's likely they're just a bunch of individuals (or just one), who used stolen credit card information to buy botnet time, and cause a ruckus. Lizardsquad *could* be a legit hacking group that actually owns the large botnet we see in action right now, and are using these attacks to cover for more malicious hacking actions, but there is no way of really knowing.

So I guess it depends on which one you think is more likely. There's also a good chance this is just another 4chan lulzsec/anon action to stir the pot a little.
 
LizSquad are just Anonymous wannabes. I hope they all die or better yet get rapped in prison every day for the rest of their lives.

Bit harsh brah. You should probably find another hobby for a while if gaming offline makes you think like that. I'm not thrilled but I don't wish harm.
 
Shit, this is what I get for breaking my rules and buying digital games on ps4 : P
I can't play Ground Zeroes since it can't reach the server. I forgot this was going on until I just tried to play it. I wish it didn't have to check the license every single time. Once it's confirmed on my ps4, it needs to stay. Even if I can't use online features, I feel like it should remember and let me play single player anyways.
 
I thought Kim dotcom made a deal with these guys so they'd stop? But both xbl and psn are still having problems. What gives?
Nothing you read is real anymore, there's a lot of misinformation being thrown around.

Good. Stop providing a stage for these idiots to play their games on.
All of us using their name and the media using their name - as if that helps any more than "hacker group" - isn't helping either, we're talking about them which is something I'm sure they're enjoying. I prefer just "the assholes who shutdown PSN".
 
PSN is definitely working for PS3. I can access the playstation store also. Still waiting on PSN for PS4 since I can't purchase the ps4 version of Guilty Gear Xrd from my ps3. lame
 
US attacks only? But, come on, all the PSN servers can't all be in the US right? Looking at that map, Scandinavia (where I live), is unscathed and PSN is still down over here. But hey, why put servers in Scandinavia...
 
Where is Obama on this? I mean he commented on The Interview hack surely this is worth his time too!

That was a hack that caused a metric fuckton of personal information, including social security numbers and executive-level emails, to be released to the public. The blame was placed on another nation, so it became a political and international incident.

This is a DDoS attack, which while bad, is not quite in the same league. Though perhaps it should be considered as serious, though that would mean Obama would have to give a statement on this not being military action from China?

US attacks only? But, come on, all the PSN servers can't all be in the US right? Looking at that map, Scandinavia (where I live), is unscathed and PSN is still down over here. But hey, why put servers in Scandinavia...

This is a compound problem. While the DDoS attacks did do damage, even after they end there will be some lasting effects, and on top of that, the flood of Christmas consoles coming online with people trying to create accounts and sign in (which is like an unintentional DDoS). Why you might be having issues in Scandinavia might not be because of the servers in the actual region, but due to how those servers need to interact with the overall European PSN infrastructure. It's hard to say for sure, since we aren't privy to the complete picture with how Sony manages PSN.
 