A tool used by the Lizard Squad hacking group to conduct distributed-denial of service (DDoS) attacks against the PlayStation Network and Xbox Live services over the holidays has been hacked, revealing the people who paid to use the tool against other websites.
Independent journalist Brian Krebs reports that a database revealed as a result of the hack shows that people spent around $11,000 worth of Bitcoin to make “thousands” of websites unavailable by flooding them with fake traffic originating from hacked routers.
Lizard Squad member “dragon” told the Daily Dot in December that the attacks against the gaming services over the holidays were a “marketing scheme” meant to demonstrate the tool’s ability to make even large services unavailable for prolonged periods of time.
The scheme worked: knocking the gaming services down for multiple days over the holiday week, which rendered countless video game consoles all but unusable right after many received them as Christmas gifts, garnered attention from millions of consumers.
A number of Lizard Squad members involved with the attacks have been arrested, mostly for actions unrelated to the DDoS attacks, including “swatting” others. (“Swatting” refers to the practice of making a false call to trick police into assaulting someone else’s home.)
Details about the people who used Lizard Squad’s tool to attack various websites were said to have been held in a plain-text database — an odd choice, considering the ease with which anyone could view information about the tool’s usage. I’d think a hacking group offering an illegal tool that can only be paid for with Bitcoin would’ve been more careful.
Source : Hacking the hackers: Lizard Squad’s DDoS-enabling tool has been compromised, Nathaniel Mott ( http://pando.com/2015/01/19/hacking-the-hackers-lizard-squads-ddos-enabling-tool-has-been-compromised/ )