You are here

BWAHAHAHAHA!

4 posts / 0 new
Last post
pax
BWAHAHAHAHA!

Nice SECURITY, 'Lizard Squad'. Your DDoS-for-hire service LEAKS
You just exposed your users to world+dog, buddy

A DDoS-for-hire service purportedly set up by the Lizard Squad hacking crew exposes registered users' login credentials.

The LizardStresser DDoS-on-demand service – a booter service powered by hacked home routers – is hopelessly insecure.

Details of more than 14,000 prospective users - whose passwords and usernames were carelessly stored in plain text, allowing investigative journalist Brian Krebs (and perhaps law enforcement) to get hold of its customer database.

Lizard Squad infamously took down the XBox Live and PlayStation Networks at Christmas, shortly before launching its DDoS-for-hire service. The service raked in $11,000 in Bitcoins from the small percentage of registered users who had paid funds into their account.

UK police last week arrested a second suspected member of the hacking crew as part of an ongoing US-UK investigation. Both suspects had been released on police bail pending forensic investigation on seized computer equipment. Finnish police have questioned another suspected Lizard Squad member.

Meanwhile Lizard Squad's "stresser" site and home page remain up and running, while the group continues to sling barbs at Brian Krebs and other adversaries through its Twitter account, @LizardMafia.

http://www.theregister.co.uk/2015/01/19/lizard_squad_ddos_for_hire_site_...

JFK
Yup.

Another little factoid :

Security by obscurity isn't.
At least as far as the advances ( current and future ) in processor speeds, power, algorithms are concerned.

Think about that and it's implications regarding log on credentials.

pax
you know

i reckon that the REAL spanking here will be that they will be extradited to the US to face trial and get royally SHAT ON by a very long sentence in a very shitty correctional establishment.
I would suggest a hard backed book down the back of their trousers as a first liner of defence :P

edit to add
https://krebsonsecurity.com/2015/01/another-lizard-arrested-lizard-lair-...

U.K. police declined to publicly name the individual arrested. But according to the Daily Mail, the youth is one Jordan Lee-Bevan. Known online variously as “Jordie,” “EvilJordie” and “GDKJordie,” the young man frequently adopts the persona of an African American gang member from Chicago, as evidenced in this (extremely explicit) interview he and other Lizard Squad members gave late last year.

https://twitter.com/gdkjordie
and here is why they are going to face court and time in America

Original post:

An individual using variations on the “Jordie” nickname was named in this FBI criminal complaint (PDF) from Sept. 2014 as one of three from the U.K. suspected in a string of swatting attacks and bomb threats to schools and universities across the United States in the past year. According to that affidavit, Jordie was a member of a group of males aged 16-18 who called themselves the “ISISGang.”

JFK
Pax wrote:
Pax wrote:

i reckon that the REAL spanking here will be that they will be extradited to the US to face trial and get royally SHAT ON by a very long sentence in a very shitty correctional establishment.

Or they will become head of security at some government agency.
Which would be really stupid since these are merely glorified script kiddies, but it is the government.

edit to add : thanks for the .PDf Pax. :)

Log in to post comments