Lizard Squad that was behind cyber attacks on sony Playstation and Microsoft Xbox is back again this time not on video console makers but on Lenovo for wilfully compromising its Lenovo laptop users to “Superfish” add-on that makes the system vulnerable to steaing encrypted information.
The squad consisting of 7 members is a black hat hacking group, known for their claims of distributed denial-of-service (DDoS) attacks on gaming portals and video console makers.
Last year, on September 3, 2014, Lizard Squad said it had disbanded but returned soon later on, claiming responsibility for many attacks on prominent websites. Once, it has retweeted an FBI posting too on Twitter.
— FBI (@FBI) December 29, 2014
One known member of the group, Vinnie Omari, was arrested in 2006 on charges of “Enter into/concerned in acquisition/retention/use or control criminal property, Fraud by false representation – Fraud Act 2006, Conspire to steal from another, unauthorized computer access with intent to commit other offences” but was released on bail later.
On August 18, 2014, it claimed to have launched a DDoS attack on servers of the game ‘League of Legends’ and has taken it offline for sometime. On August 24, 2014 the PlayStation Network was taken down via a DDoS attack, with Lizard Squad claiming responsibility.
Again on November 23, 2014, Lizard Squad claimed they had attacked Destiny servers with a DDoS attack. On December 1, 2014, Xbox Live was reportedly attacked by them and users who tried to connect to use the service were given 80151909 error code. Next day, Lizard Squad hacked Machinima.com, replacing their front page with ASCII art of their logo. Again on December 8, 2014, the PlayStation Network was attacked but they did not claim responsibility for it though. Visitors were greeted with a message: “Page Not Found! It’s not you. It’s the internet’s fault.”
On December 22, 2014, Internet in North Korea was taken offline by a DDoS attack and Lizard Squad claimed responsibility for it and linked it to an IP address located in North Korea. The communist nation took a day to restore the Internet services.
Before christmas, Lizard Squad had threatened to take down gaming services on Christmas and on December 25, 2014 (Christmas Day), it claimed to have performed a DDoS attack on Xbox Live and PlayStation Network, though it was not known how far the attack lasted.
On the same day, a Sybil attack involving more than 3000 relays was attempted against the Tor network and nodes with names beginning with “LizardNSA” began appearing. Lizard Squad claimed responsibility for the attack. Tor relay node operator Thomas White said that Lizard Squad only managed to control “0.2743% of the network, equivalent of a tiny VPS”.
This year, on January 26, 2015, Lizard Squad has attacked the website of Malaysia Airlines, calling itself a “cyber caliphate”. Users were redirected to another page bearing an image of a tuxedo-wearing lizard, and reading “Hacked by Cyber Caliphate”, underneath this there was text reading “follow the cyber caliphate on twitter” after which the Twitter accounts of the Owner of UMG, “@UMGRobert” and CEO of UMG, “@UMG_Chris”.
The page also carried the headline “404 – Plane Not Found”, an apparent reference to the airlines’ loss of flight MH370 last March with 239 people. Malaysian Airlines, however, assured its customers that no customer data had been compromised. However, it is not known whether Lizard Squad’s association with the Islamic state was real or purported.
On January 26, 2015, social media networks including Facebook and Instagram were made unavailable to users, including Tinder and HipChat. Lizard Squad claimed responsibility for the attacks, via a posting on a Twitter account previously used by the group.
In another attack on the same day, Lizard Squad claimed to have compromised Taylor Swift’s Twitter and Instagram accounts and threatened to release nude photos in exchange for bitcoins. Taylor Swift retorted that ‘there were no naked pics’ and told the offenders to ‘have fun’ finding any.