Sign in with
Sign up | Sign in

Rival Hackers Take Credit for PlayStation Network Attack

By - Source: Tom's Guide US | B 8 comments
Tags :

It started with Sony's PlayStation Network, Sony Online Entertainment and Sony Entertainment Network services in North America on Sunday. Soon, other companies' online gaming services also had connection trouble, including Blizzard Entertainment's Battle.net and Microsoft's Xbox Live service.

In an echo of similar attacks on Sony's online services three years ago, two different hackers or hacker groups claimed credit for knocking Sony's North American gaming servers offline this weekend with a distributed denial-of-service (DDoS) attack.

MORE: 20 Best Free Android Games

PlayStation Network (PSN), which connects PlayStation 3, PlayStation 4 and PlayStation Vita consoles to let users download games and play each other, went offline some time yesterday (Aug. 24). So did Sony Online Entertainment (SOE), which hosts massively multiplayer games such as EverQuest, and Sony Entertainment Network, which streams video and music to Sony devices.

Sony had planned to take PSN offline today (Aug. 25) for scheduled maintenance, and some users first thought Sony might have pushed its schedule up by a day.

Instead, as Sony has confirmed, the outages were due to a DDoS attack, designed to knock servers offline by flooding them with more traffic than they can handle. Regular users are "denied service" to affected websites or networks. A "distributed" DoS attack indicates the malicious traffic originates from multiple sources.

Users' personal information did not appear to be affected, Sony said in a PlayStation Network blog post. All service was restored late Sunday night; today's scheduled PSN maintenance has been indefinitely postponed.

We hit Sony! No, I did

Who was behind the DDoS attack? During the outage on Sunday, a hacker or hackers called Lizard Squad claimed credit.

Lizard Squad also sent a bomb threat via Twitter to American Airlines — specifically against a flight to San Diego on which Sony Online Entertainment president John Smedley was aboard. American Airlines diverted the plane to Phoenix to search it for explosives; the aircraft later continued to its destination.

LizardSquad claimed on Twitter that it was protesting Sony's "greed," and said Sony should have put more money into the PlayStation Network. Several other Lizard Squad tweets expressed support for the Islamic militant group ISIS.

The FBI is investigating the bomb threat, a Sony representative told videogame-news site Shack News.

MORE: DDoS Attacks: What They Are, and How to Defend Against Them

Also on Sunday, a number of other online multiplayer games, including Hearthstone, Diablo III and World of Warcraft, went offline for several hours. All are published by Irvine, California-based Blizzard Entertainment and run on Blizzard's Battle.net service.

On Sunday night, some Xbox 360 and Xbox One users reported difficulty accessing Xbox Live (an Microsoft service similar to Sony's PSN). The issue appears to have mainly affected people trying to play Diablo III, a video game made by Blizzard.

Lizard Squad claimed credit for Blizzard's issues as well. Blizzard has not confirmed this or discussed the nature of its issues.

Another hacker has also claimed credit for the PSN hack, claiming he used jailbroken PlayStation consoles to initiate it. Called FamedGod, the hacker claims he conducted the DDoS attack, possibly using vulnerabilities in the Internet's own Network Time Protocol, to show Sony that its online services vulnerable.

FamedGod's Twitter feed did state at one point "Xbox is next," but did not include specific claims for attacks on gaming services besides Sony's -- other than to observe that "at least Xbox and Microsoft are smart and don't operate on one data center."

The BBC's Web servers, including its online news and iPlayer service. also went offline on Sunday, prompting some to speculate whether the issues were related to the PlayStation attack. The BBC has not confirmed that.

This isn't the first time

In April 2011, outrage over Sony's lawsuit against George Hotz, a young hacker who'd posted instructions for jailbreaking the PlayStation 3, led to the Anonymous hacktivist movement launching a DDoS attack against the PlayStation Network for a few days. (Hotz now works for Google's Project Zero initiative.) That attack collapsed in a flurry of negative feedback for Anonymous as gamers complained they couldn't get online.

Later that same month, a separate attack on the PlayStation Network, Sony Online Entertainment and Sony's Qriocity media-streaming service (later absorbed into the Sony Entertainment Network) led to the theft of private data pertaining to more than 100 million user accounts, including credit-card numbers. All three services were offline for more than three weeks.

The perpetrators of the second attack have never been identified. Spokesmen for Anonymous denied the movement was involved.

In the wake of the 2011 Sony attacks, an Anonymous splinter group calling itself LulzSec went on a merry rampage across the Internet for two months, attacking websites belonging to the CIA and News Corporation, embarrassing companies and governments for lousy security and taunting the authorities via Twitter.

Lizard Squad and FamedGod's stated motives for attack Sony in 2014 are similar to LulzSec's in 2011.

"Sony, yet another large company, but they aren't spending the waves of cash they obtain on their customers' PSN service," tweeted Lizard Squad.

"Hiding behind Amazon servers doesn't help you, Sony," tweeted FamedGod. "Learn and hire people for security, you cheap-ass company."

LulzSec abruptly quit in June 2011, stating its members were "bored," but its de facto leader, Hector "Sabu" Monsegur of New York, had already been arrested and was helping the FBI build a case against his fellow hackers.

Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games. You can follow Jill on Twitter @JillScharr and on Google+. Follow us @tomsguide, on Facebook and on Google+.

Discuss
Add a comment
Ask a Category Expert
React To This Article

Create a new thread in the Off-Topic / General Discussion forum about this subject

Example: Notebook, Android, SSD hard drive

  • 7 Hide
    mazty , August 25, 2014 10:40 AM
    Absolute idiot(s). DDoS on a corp? Meh. Bomb threats? Well, enjoy being hunted by the NSA. Can't wait to see the basement dweller pulled from his cheeto den into the sunlight and promptly slammed into a supermax where a lot more "slamming" will occur...
  • 1 Hide
    iogbrideau , August 25, 2014 10:54 AM
    It's hard to say who did it, Lizard Squad's been taking credit on twitter about the attacks that have been going on for about a week on multiple MMORPGs including WoW and LoL (and many others). Let's see what the future will tell us.
  • 5 Hide
    erick81 , August 25, 2014 11:21 AM
    When the FBI comes knocking on these morons I hope it's filmed.
  • Add your comment Display all 8 comments.
  • 3 Hide
    SteelCity1981 , August 25, 2014 11:32 AM
    aholes, these losers should be shot on on sight when they are caught.
  • 1 Hide
    pills161 , August 25, 2014 12:51 PM
    Quote:
    Absolute idiot(s). DDoS on a corp? Meh. Bomb threats? Well, enjoy being hunted by the NSA. Can't wait to see the basement dweller pulled from his cheeto den into the sunlight and promptly slammed into a supermax where a lot more "slamming" will occur...
    Chances are they don't have much experience with "slamming" period so on the upside they will get some finally in prison. Also no better way to protest others being greedy by preventing millions of people who paid for a service from using it.
  • 0 Hide
    drwho1 , August 25, 2014 1:37 PM
    bomb threats are especially heinous and I hope that they get caught and sent to prison where they belong. a hack could be thought of some kid "acting out" or a prank...

    but bomb threats even when or if intended as such are NO LAUGHING matter.
    this needs to be taken seriously with some serious prison time.
  • 0 Hide
    Brian Stull , August 25, 2014 5:24 PM
    Famedgod already admitted he didn't do it. In a response to a tweet to him saying "you didn't do it" famedgod says no shit Sherlock, see how easy it is to steal credit?" It was lizard squad.
  • 0 Hide
    DarthDiggler , August 28, 2014 8:25 AM
    [quoteno better way to protest others being greedy by preventing millions of people who paid for a service from using it.[/quote]

    Exactly I am so sick of people who want to use hacking and cyber attacks as some form of protest. In my eyes one of the main features of protest is standing up and being accounted for. If you hide behind a PC you aren't protesting you are just being a nuisance.

    How can one simultaneously say something is worth protesting and not show up and show your face? Would the civil rights protests have been as effective if there was no feet on the ground? The fact that so many people were willing to show up and show their support by being there spoke volumes and helped persuade minds on the issue.
React To This Article

Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter
  • add to twitter
  • add to facebook
  • ajouter un flux RSS