Hackers allegedly behind Xbox and PlayStation network shutdown set sights on Tor

Widespread router vulnerability has been well-known for 1-2 years. I'm surprised that it took so long for someone to built a botnet from them. Anyway, I'm gathering that the kids busted in UK and Finland are just twits? Or spokespeople? And the operators are in Bosnia? I wonder whether the ISP is Bosnian or Serbian, and how cooperative they are these days with outsiders. We shall see, I guess.

 

How did you get to Bosnians and Sebians? Were there news about it?

 

http://krebsonsecurity.com/2015/01/lizard-stresser-runs-on-hacked-home-routers/

Edit: OK, so I had to look

 

Thanks. I had to look also.
It looks like they are using Cloudflare script on that login site. Afraid of DOS?

 

Anonymous breaks hacker stereotype, stands up for what is right

http://betanews.com/2015/01/10/anonymous-breaks-hacker-stereotype-stands-up-for-what-is-right/

 

More vulnerable and hacked router issues. I'm still wondering if a virtual router would be more secure. Even if they're not more secure, they'd be easier to repair. Just reboot the virtual unit.

 

I am unclear exactly how the routers are being used here.

In this attack, are the routers themselves infected, or does the malware just take advantage of default username/password to get through the router, and the actual bot infection is on compromised computers that are behind the router?

If it is the router that gets infected, is there a way to tell if your router is infected?

 

As I understand it, it's the router itself that's infected. Routers are computers, and can run suitable software for DDoS, and for finding other vulnerable routers and compromising them.

The simplest approach would be to shut down all of your computers, and then call support at your ISP. Ask them what traffic they see to and from the router. If the router is doing stuff that you aren't telling it to do, it's infected. Right?

 

Thanks.

I wonder if security software will someday have the ability to scan your router for malware.

 

Good routers can do that

 

Avast 2015 new feature: Home Network Security scanning

 

PSN down yet again for some PS4 and PS3 players

http://venturebeat.com/2015/01/13/psn-down-yet-again-for-some-ps4-and-ps3-players/

 

Teen Arrested in UK for Xbox, PlayStation Attacks
http://www.techmeme.com/150116/p6#a150116p6

 

http://krebsonsecurity.com/2015/01/another-lizard-arrested-lizard-lair-hacked/

 

Hack on PS and Xbox attackers leaks DDoS customers’ plaintext passwords

http://arstechnica.com/security/201...ers-leaks-ddos-customers-plaintext-passwords/

 

I don't understand why these type of people can't use their talent for good?

 

Yes, I too wonder about that.

But also, I wonder how they can manage to create such mayhem while being so clueless about basic OPSEC. Am I just too old to remember the fullness of being young and stupid?

 

According to Brian Krebs they don't have any talent at all and they haven't developed any of the tools they use:
http://krebsonsecurity.com/2014/12/lizard-kids-a-long-trail-of-fail/

Damaging other people is really easy, both in internet and in real life.

 

Lizard Squad DDoS-for-hire service hacked – users’ details revealed

http://www.welivesecurity.com/2015/01/19/lizard-squad-hacked/

 

That is just too funny

But all clients used pseudonyms and paid anonymously, right?

 

@ mirimir and it gets funnier.

Researcher says hacker group took $11k worth of bitcoin payments for its DDoS service, but stored usernames and passwords in plain text
http://www.theguardian.com/technology/2015/jan/19/lizard-squad-lizardstresser-site-hacked

 

[shakes head]

 

SONY offers digital rewards to victims of 2011 PSN (PlayStationNetwork) Hack

http://arstechnica.com/gaming/2015/01/sony-offers-digital-rewards-to-victims-of-2011-psn-hack/

 

Lizard Stresser Website Was Not Hacked, Lizard Squad Spokesperson Says

http://news.softpedia.com/news/Liza...d-Lizard-Squad-Spokesperson-Says-471087.shtml