Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News
News Categories

They had it coming? Lizard Squad website hacked

By Salehuddin Bin Husin - on 19 Jan 2015, 12:22pm

They had it coming? Lizard Squad website hacked

Lizard Squad aren't the first to offer such a service and they won't be the last.

If you're one of the thousands (millions?) affected by DDoS attacks on the PSN and Xbox Live gaming networks last year, you may be glad to hear that the group behind the hacks have been the target of a hack themselves.

But first a little bit of history. Those attacks we mentioned above? They were mainly advertisements which Lizard Squad used  to drum up business for their DDoS tool. Lizard Squad then set up a website they call the Lizard Stresser, where they offered to target sites to 'test' the network of the site in question. Ostensibly, the site's for network and security specialists to stress test their networks with a real world tool, but it is obviously a thinly veiled attempt at obscuring the fact that the group's available for paid attacks on a target, sort of like cyber hitmen.

The latest attack targeted the Lizard Stresser site. The breach didn't shut the site down, rather the hack infiltrated the user database and stole the information there, which of course was then released to the masses. Normally, confidential data like this would be encrypted but due to hubris (or simply not caring), the one for the Lizard Squad site stored the user details in plain text, unless the user opted to change their password. This meant that anybody who paid for attacks and didn't bother to have their password changed is compromised. We're not lawyers or the police so we don't know what's the penalty for having initiated a a cyber attack, but we're pretty sure it falls under several criminal charges.

While normally such a move would be frowned upon, authorities are actually looking at the list with intense interest as it could allow them to potentially solve cases of reported cyber attacks, Of course, hacking another hacking group (while satisfying), is itself a crime, though in this case it's highly unlikely the authorities (if they were even called in for the intrusion) would put any sort of priority in finding out the culprits.

Could this actually be one of the salvos fired in the war between Anonymous and Lizard Squad? The two groups have been at odds with each other for time now, and escalation is a definite possibility. Was it Anonymous though? If it was, nobody's talking.