

The Lulz ship is busy firing its DDoS "cannons" at hapless gamers.  (Source: LulzSec)

The group claims to have infected users of 4Chan's "random" (/b/) board to use as a botnet for DDoS attacks.  (Source: StarCraft Mazter)
Group is waiting to address more takedown requests, says DDoS attacks aren't real hacks

Legendary griefers LulzSec ("Lulz Security") -- the self-proclaimed "concentrated-success" of 4Chan's 2005-era /b/ message board -- don't seem overly concerned about being "hunted down" by 2011-era /b/ fans ("damn furries" or "/b/tards" as LulzSec calls them). Fans flocked to the message board upset about LulzSec's attacks on popular gaming services like EVE Online.

The group proclaimed on Tuesday:

Call into 614-LULZSEC and pick a target and we'll obliterate it. Nobody wants to mess with The Lulz Cannon - take aim for us, twitter. #FIRE

In addition to attacks on League of Legends, EVE Online, and Minecraft, the group attacked gaming magazine The Escapist, and government-software contractor Finfisher, as we summarize here.

But the group also let slip that it's waiting on 8 phone requests for additional targets.  It's unclear whether the group will hit those targets today, or take a break from firing its DDoS "cannon".

LulzSec implied in one tweet that it's infecting 4Chan users and using their machines in a distributed denial of service (DDoS) botnet.  The group writes:

The best part about making 50% of all /b/tards our bots is that they leave their daddy's laptops on 24/7, more bandwidth for us. :3

The fact that the group is taking phone calls at a time when they've attacked the U.S. government from several angles is rather bold -- some would say foolish.  Clearly the art of phone obfuscation is not dead, given that no arrests have been made yet, despite the group's active call line, which is surely being observed by the U.S. Federal Bureau of Investigation and others.

DDoS hacks aren't "official" hacks according to the band of bandits.  They state:

We didn't hack any games, we just DDoS'd them with our not-to-be-messed-with Lulz Cannon. :D We did hack these though: lulzsecurity.com/releases

We'll keep you updated on who gets hacked/DDoSed next "for the lulz".

Update: Wed. June 15, 2011 12:50 p.m. --

It appears that LulzSec has taken down the server for MMORPG Heroes of Newerth (a game very similar to World of Warcraft).  The group mocks that the Defense of the Ancients ("DotA") custom scenario for Warcraft III: Reign of Chaos "is better."

The group also posted to Twitter that it's preparing for another EVE Online attack.



Comments

RE: I called, nobody home.
By RadnorHarkonnen on 6/15/2011 1:00:11 PM , Rating: 2
So far they have been just playing script kiddies. Why don't they just move to better targets?

Taking down some network gear would be cool for starters. There are several ways to do it. Taking down root DNS servers would be an excellent point. You don't need to take down everything, you just need to know where the exit point is for example. With time and preparation that is easily planned. Now that would be what I call a sophisticated and structured attack.

SQL Injections and Botnets are so blunt and last century.


RE: I called, nobody home.
By Gzus666 on 6/15/2011 2:14:20 PM , Rating: 2
How do you propose they take it down? Even if they took it down, do you really think it will matter? The entire Internet backbone, especially at Level 3, is redundant as hell. Exit points on Tier 1 providers are usually multiple gigs and have multiple exits. On top of that, you likely run through them at some point, so you will be knocking yourself down.


RE: I called, nobody home.
By Laereom on 6/15/2011 2:52:27 PM , Rating: 2
I agree, which is why I think this is a good thing.

If we can't defend against these pitiful attacks a freshman CS major could write the code for, what are we going to do in a cyber war? I hope this forces the world to wake up and start taking computer security seriously.


RE: I called, nobody home.
By Gzus666 on 6/15/2011 3:16:38 PM , Rating: 2
If I send you five million letters, how do you defend your mailbox? You can throw them away, but if I did it non-stop for a period of time, you can't do much except get them and throw them away, but if I do it fast enough, you can't keep up. There are mitigation techniques, but DDOS is a hard thing to defend against.

SQL attacks on the other hand are clearly administrator issues, but don't lump everything together.


RE: I called, nobody home.
By Mitch101 on 6/16/2011 8:41:43 PM , Rating: 2
Simple turn on my mailbox to only accept messages from people in the address book and to delete all others.


RE: I called, nobody home.
By Gzus666 on 6/17/2011 12:02:39 PM , Rating: 2
quote:
Simple turn on my mailbox to only accept messages from people in the address book and to delete all others.


Cool, didn't know your real life mailbox has an address book and a delete option. Not real up on analogies, are you chief?


RE: I called, nobody home.
By Mitch101 on 6/18/2011 9:20:01 PM , Rating: 2
Return to Sender


RE: I called, nobody home.
By nevermore781 on 6/15/2011 2:58:57 PM , Rating: 2
They could easily write a program to DDoS a whole ASNumber rather than 1 IP. Take out the ASNumber and you've killed BGP and failover. Botnets are powerful if you know what you're doing with them but it would still have to be a very large botnet to kill a whole AS.


RE: I called, nobody home.
By Gzus666 on 6/15/2011 3:11:38 PM , Rating: 2
How do you DDOS an AS number? It is not an addressable thing. Any carrier worth their weight only allows communication with specific peers on the edge. You can't kill an AS, cause it is just a domain, you might have 100 routers in that one domain. I would have to see what you actually plan to do, but I have no Earthly idea how you would take down an AS number. The AS is literally just an identifier used in the BGP header, it isn't an actual device. I don't think you really understand how BGP works.

I suspect what you actually mean, unbeknownst to you, is send out fake updates to BGP and either black hole a whole routing block or the entire table or just shutdown the peering. Again, this is a complex feat and there are multiple exits so BGP will recover just fine.


RE: I called, nobody home.
By chrnochime on 6/15/2011 5:03:06 PM , Rating: 2
Do you have any idea what you're babbling about? If you know your BGP you wouldn't be spouting stuff like "take out ASNumber". That's like saying trying to "take out" OSPF process number.


RE: I called, nobody home.
By Gzus666 on 6/15/2011 5:08:29 PM , Rating: 2
quote:
Do you have any idea what you're babbling about? If you know your BGP you wouldn't be spouting stuff like "take out ASNumber". That's like saying trying to "take out" OSPF process number.


What, you don't know you can totally send directed DDOS attacks to internal process IDs? Much in the same way you can stab ideas and shoot thoughts. TAKE THAT ABSTRACT!


RE: I called, nobody home.
By RadnorHarkonnen on 6/15/2011 6:34:29 PM , Rating: 2
While I'm not in the area of external routing protocols like BGP or IS-IS and others, OSPF has several vulnerabilities. Most of the attack you CAN make is not at OSPF process ID, but link state calculations and election events.

L2, spanning tree at first seems bullet proof. And it is. But it is also highly complex, and I rarely see it 100% well implemented leaving plenty of room for an "ICE 9" type of attack on election and VTP routines.

A Denial Of Service can come in different forms. And sometimes there is no need to hack anything. Just expect technology to work "as designed".

Honestly, if I knew more about BGP, I could have better ideas.


RE: I called, nobody home.
By Gzus666 on 6/15/2011 7:45:54 PM , Rating: 2
quote:
While I'm not in the area of external routing protocols like BGP or IS-IS


And you lose all credibility. IS-IS is an internal routing protocol, link state no less, just like OSPF. BGP is the only external routing protocol currently used.

I wasn't sure if you were dumb or just didn't understand the language, but you obviously have no idea what you are talking about.

I'm sure everyone is hacking spanning tree and friggin' OSPF, what a joke. None of this stuff seems bulletproof, but you have to point out valid vulnerabilities, not made up garbage stemming from a complete lack of knowledge on the subject.

Honestly, if you knew more about BGP, I would be terrified about what garbage you would make up.

Copyright 2014 DailyTech LLC.