Print 74 comment(s) - last by EricMartello.. on Jun 20 at 12:15 AM

The Lulz ship is busy firing its DDoS "cannons" at hapless gamers.  (Source: LulzSec)

The group claims to infected users of 4Chan's "random" (/b/) board to use as a botnet for DDoS attacks.  (Source: StarCraft Mazter)
Group is waiting to address more takedown requests, says DDoS attacks aren't real hacks

Legendary griefers LulzSec ("Lulz Security") -- the self-proclaimed "concentrated-success" of 4Chan's 2005-era /b/ message board -- don't seem overly concerned about being "hunted down" by 2011-era /b/ fans ("damn furries" or "/b/tards" as LulzSec calls them). Fans flocked to the message board upset about LulzSec's attacks on popular gaming services like EVE Online.

The group proclaimed on Tuesday:

Call into 614-LULZSEC and pick a target and we'll obliterate it. Nobody wants to mess with The Lulz Cannon - take aim for us, twitter. #FIRE

In addition to attacks on League of LegendsEVE Online, and Minecraft, the group attacked gaming magazine The Escapist, and government-software contractor Finfisher, as we summarize here.

But the group also let slip that it's waiting on 8 phone requests for additional targets.  It's unclear whether the group will hit those targets today, or take a break from firing its DDoS "cannon".

LulzSec implied in one tweet that it's infecting 4Chan users and using their machines in a distributed denial of service (DDoS) botnet.  The group writes:

The best part about making 50% of all /b/tards our bots is that they leave their daddy's laptops on 24/7, more bandwidth for us. :3

The fact that the group is taking phone calls at a time when they've attacked the U.S. government from several angles is rather bold -- some would say foolish.  Clearly the art of phone obfuscation is not dead, given that no arrests have been made yet, despite the group's active call line, which is surely being observed by the U.S. Federal Bureau of Investigation and others.

DDoS hacks aren't "official" hacks according to the band of bandits.  They state:

We didn't hack any games, we just DDoS'd them with our not-to-be-messed-with Lulz Cannon. :D We did hack these though:

We'll keep you updated on who gets hacked/DDoSed next "for the lulz".

Update: Wed. June 15, 2011 12:50 p.m. --

It appears that LulzSec has taken down the server for MMORPG Heroes of Newerth (a game very similar to World of Warcraft).  The group mocks that Defense of the Ancients ("DotA") custom scenario for Warcraft III: Reign of Chaos "is better."

The group also posted to Twitter that it's preparing for another EVE Online attack.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: I called, nobody home.
By nevermore781 on 6/15/2011 2:58:57 PM , Rating: 2
they could easily write a program to DDoS a whole ASNumber rather than 1 IP. Take out the ASNumber and you've killed BGP and failover. Botnets are powerful if you know what you're doing with them but it would still have to be a very large botnet to kill a whole AS.

RE: I called, nobody home.
By Gzus666 on 6/15/2011 3:11:38 PM , Rating: 2
How do you DDOS an AS number? It is not an addressable thing. Any carrier worth their weight only allows communication with specific peers on the edge. You can't kill an AS, cause it is just a domain, you might have 100 routers in that one domain. I would have to see what you actually plan to do, but I have no Earthly idea how you would take down an AS number. The AS is literally just an identifier used in the BGP header, it isn't an actual device. I don't think you really understand how BGP works.

I suspect what you actually mean, unbeknownst to you, is send out fake updates to BGP and either black hole a whole routing block or the entire table or just shutdown the peering. Again, this is a complex feat and there are multiple exits so BGP will recover just fine.

RE: I called, nobody home.
By chrnochime on 6/15/2011 5:03:06 PM , Rating: 2
Do you have any idea what you're babbling about? If you know your BGP you wouldn't be spouting stuff like "take out ASNumber". That's like saying trying to "take out" OSPF process number.

RE: I called, nobody home.
By Gzus666 on 6/15/2011 5:08:29 PM , Rating: 2
Do you have any idea what you're babbling about? If you know your BGP you wouldn't be spouting stuff like "take out ASNumber". That's like saying trying to "take out" OSPF process number.

What, you don't know you can totally send directed DDOS attacks to internal process IDs? Much in the same way you can stab ideas and shoot thoughts. TAKE THAT ABSTRACT!

RE: I called, nobody home.
By RadnorHarkonnen on 6/15/2011 6:34:29 PM , Rating: 2
While im not in the area of external routing protocols like BGP or IS-IS and others, OSPF has several vulnerabilities. Most of the attack you CAN make is not at OSPF process ID, but link state calculations and and election events.

L2, spanning tree at first seems bullet proof. And it is. But is also highly complex, and i rarely see it 100% well implemented leaving plenty of room for an "ICE 9" type of attack on election and VTP routines.

A Denial Of Service can come in different forms. And soemtimes there is no need to hack anything. Just expect tecnology to work "as designed"

Honestly, if i knew more about BGP, i could have better ideas.

RE: I called, nobody home.
By Gzus666 on 6/15/2011 7:45:54 PM , Rating: 2
While im not in the area of external routing protocols like BGP or IS-IS

And you lose all credibility. IS-IS is an internal routing protocol, link state no less, just like OSPF. BGP is the only external routing protocol currently used.

I wasn't sure if you were dumb or just didn't understand the language, but you obviously have no idea what you are talking about.

I'm sure everyone is hacking spanning tree and friggin' OSPF, what a joke. None of this stuff seems bulletproof, but you have to point out valid vulnerabilities, not made up garbage stemming from a complete lack of knowledge on the subject.

Honestly, if you knew more about BGP, I would be terrified about what garbage you would make up.

"We’re Apple. We don’t wear suits. We don’t even own suits." -- Apple CEO Steve Jobs
Related Articles
Welcome to 2011, Year of the Hacker
June 14, 2011, 9:40 PM

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Inspiron Laptops & 2-in-1 PCs
September 25, 2016, 9:00 AM
Snapchat’s New Sunglasses are a Spectacle – No Pun Intended
September 24, 2016, 9:02 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki