Modern field guide to security and privacy

Lizard Squad plans Christmas Day encore with Xbox, PlayStation attacks

Remember last year? The hacking group Lizard Squad, best known for online pranks and targeting gaming networks, took down PlayStation and Xbox on Christmas Day. Now, it's threatening to do the same this year, and the hackers have help.

Lucy Nicholson/Reuters
Attendees walk past a Microsoft Xbox sign opposite a Sony PlayStation sign at the Electronic Entertainment Expo, or E3, in Los Angeles, California, United States, June 16, 2015. REUTERS/Lucy Nicholson

The digital Grinch may be coming for gamers again this Christmas.

Just like last year, the infamous hacking group known as Lizard Squad has threatened to deploy a distributed denial of service, or DDoS, attack against Microsoft Xbox and Sony PlayStation servers on Christmas Day.

And it's not only Lizard Squad this year that's taking aim at gaming networks. A new group known as Phantom Squad is also warning it will unleash a torrent of Web traffic intended to shut down Xbox and PlayStation networks.

Probably best known for their previous attacks on video games, and as briefly suspected in the Sony Pictures hack last year, Lizard Squad's greatest coup was probably disrupting the Xbox and PlayStation networks just as tens of thousands of families were plugging in new game systems on Christmas Day.

Given the outfit's success targeting game networks, and the difficulty of defending against DDoS attacks, gamers everywhere may once again be out of luck if they're hoping to use connected features on Xbox or Playstation on one of the biggest gaming days of the year.

Why do they do it? Mostly for the "lulz," or laughs, or simply because they can.

When asked what Microsoft was doing to prepare for tomorrow's promised attack, a spokesperson wrote that "security of Xbox Live is an ongoing concern" and "a top priority" but was unwilling to share more details. Sony could not be reached for comment.

Lizard Squad hasn't made much noise lately. Some hackers associated with the outfit were arrested earlier this year, leading to much speculation that the group may dissolve. But the hackers weren't convicted, and their antics resumed in the spring, and continued throughout the summer and fall.

Lizard Squad knocked down "Call of Duty" servers over Thanksgiving, for example. It also resumed regular attacks on Twitch, a social media and live streaming gaming platform.

While the group has become well known for DDoS, one Lizard Squad member nicknamed "komopopo" told Passcode they aren't behind most of the attacks for which they are blamed. Still, they appear all too happy to take credit even when it's not due.

In general, DDoS attacks have become routine – and an almost daily problem – in the video game community. Gaming personalities on YouTube, for instance, have long complained that DDoSers targets competitive matches and even cost players championship money and titles. In April 2013, hackers attacked a Chinese Dota 2 competition with DDoS, allegedly to win a $20,000 bet the hacker had placed on the game.

DDoS is a particularly deadly form of attack because hackers can marshall hundreds of thousands of computers in a botnet that all attempt to connect to a server at the same time. 

These types of "attacks can be complex," explained Justin Bauer, a security analyst at DDoS protection company DOSArrest. What's more, he said, filtering traffic and protecting a service from interruption is harder for gaming companies because "many of these games are transmitting in a proprietary manner exclusive to the game and company that created the game."

Efforts to remedy the DDoS problem in the past have included video game company Riot Games threatening legal action against DDoSers in 2012. In 2014, the massively multiplayer online role-playing game Wurm offered 10,000 euros for tips that led to the identity of whoever was DDoSing their servers.  

The Lizard Squad member Komopopo says one countermeasure Sony has used is DDoS protection from Prolexic Technologies. But that appeared to have an adverse effect on some customers who, unbeknownst to them, owned computers that were used in the botnet attack on PlayStation. 

"A lot of people who were actually indirectly participating in attacks got blacklisted," said Komopopo. Most people don't realize they are part of this botnet, and in this case, were participating in a DDoS attack against Sony.

Another Lizard Squad member who resides overseas and goes by "Ryan" (real name Julius Kivimäki) claimed to have spoken with a Prolexic employee after one of their biggest attacks this summer, and "they said there was basically nothing they could do."

Prolexic Technologies, which is owned by the content delivery giant Akamai, said it was their policy to not comment on other companies.

Because of attacks on the gaming community, individual gamers are doing more to guard against hackers. Reese Leysen, a YouTube gaming personality operating out of Belgium, says groups such as Lizard Squad and Phantom Squad were "bound to happen since most sites and services are vulnerable."

Mr. Leysen says many gamers have "become much more knowledgeable over the past years in terms of how to avoid" DDoS attacks. Those countermeasures include using virtual private networks and setting up proxy servers, all of which can be "quite costly and complicated," he said.

Gamers who use services such as Twitch are also vulnerable. The company is "developing an education portal to address best practices in this area," said a Twitch spokesperson.

"DDoS attacks rely on gaining access to a broadcaster's IP address which they can't access via Twitch," wrote the representative. "Therefore, it's important to be savvy when it comes to protecting your information on other services."


You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Lizard Squad plans Christmas Day encore with Xbox, PlayStation attacks
Read this article in
QR Code to Subscription page
Start your subscription today