PhantomSquad Hackers Begin Their Xmas DDoS Attacks By Taking Down EA Servers (softpedia.com)

← Back to Stories (view on slashdot.org)

PhantomSquad Hackers Begin Their Xmas DDoS Attacks By Taking Down EA Servers (softpedia.com)

Posted by timothy on Thursday December 24, 2015 @08:55AM from the bad-childhoods dept.

An anonymous reader writes: The hacking crew was not kidding about their Christmas DDoS attacks on Xbox & PSN. This morning the group started warmup attacks on the EA network, taking it down for 3 hours. The attacks were severe enough to take down the network completely, and EA issued apologies on its Twitter account. Phantom Squad is now carrying out DDoS attacks on PSN. Users started reporting outages in small areas around the world.

57 of 127 comments (clear)

Min score:

Reason:

Sort:

Refresh my memory by Revek · 2015-12-24 09:02 · Score: 5, Interesting

Whats the goal? Is to just be pricks?
1. Re:Refresh my memory by cfalcon · 2015-12-24 09:09 · Score: 5, Insightful
  
  The DDOS attacks will continue until network infrastructure prevents it.
  I think this group wants a name for themselves, and that may be the end of it, but who knows. The point isn't to ask why the rain falls- it's to wonder why we can't build a roof.
2. Re:Refresh my memory by Anonymous Coward · 2015-12-24 09:10 · Score: 3, Insightful
  
  Whats the goal? Is to just be pricks?
  What else are you going to do from mom's basement? Especially when the girl you've never actually talked to has gone to visit relatives and you turned off her phone?
3. Re:Refresh my memory by gweilo8888 · 2015-12-24 09:14 · Score: 4, Insightful
  
  They're just trying to inflate their sense of self-importance, and calling them hackers as this article does helps accomplish that. Just like terrorists, the only way to stop these assholes is to stop giving them the spotlight (unless it is to mock them). Either call them what they are -- script kiddies -- or just don't talk about them at all. Even if they manage to DDOS your favorite game server, in the bigger picture they've accomplished nothing at all. Get up, stretch your legs, find something else to do and ignore them. It's what they deserve.
4. Re:Refresh my memory by Phoenix+Rising · 2015-12-24 09:14 · Score: 1
  
  To prove that anarchist pajamas-in-Mom's-basement types can be more antisocial than Scrooge and the Grinch, perhaps. Otherwise, I can't even begin to guess at what bright flame of sub-genius decided this would be a good idea.
  
  --
  Let us live so that when we come to die, even the undertaker will be sorry -- Mark Twain
5. Re:Refresh my memory by Deadstick · 2015-12-24 09:19 · Score: 1, Interesting
  
  Same motivation as any other vandal or bully: losers wanting to impose their will, the only way they know how. Straight-up male-primate shit.
6. Re:Refresh my memory by tehlinux · 2015-12-24 09:20 · Score: 1
  
  >Whats the goal? Is to just be pricks?
  They are attention whores. I've been referring to them as lizard squad in hopes it will piss them off.
  
  --
  Most linux users don't know this, but the man pages were named after Chuck Norris. Chuck Norris fsck'ing hates noobs!
7. Re:Refresh my memory by Anonymous Coward · 2015-12-24 09:29 · Score: 1
  
  Are you talking about EA or the hackers?
  I'm... having trouble knowing who to root for here. Is there any way they can both lose?
8. Re:Refresh my memory by Anonymous Coward · 2015-12-24 09:33 · Score: 1
  
  They're just trying to inflate their sense of self-importance, and calling them hackers as this article does helps accomplish that. Just like terrorists, the only way to stop these assholes is to stop giving them the spotlight (unless it is to mock them). Either call them what they are -- script kiddies -- or just don't talk about them at all. Even if they manage to DDOS your favorite game server, in the bigger picture they've accomplished nothing at all. Get up, stretch your legs, find something else to do and ignore them. It's what they deserve.
  ^ This, too many people call these Dumb A's "hackers". DDOS attacks are not "hacking" anything. Just some punks looking for their 2 mins of fame. To my knowledge (limited) these types of attacks can’t be prevented, so it’s not even a matter that they are "exposing" anything that can be upgraded. It would be one thing if it was a decrypting issue where customer data was being hacked (PSN network hack years ago), these guys are just A-Holes.
9. Re:Refresh my memory by meerling · 2015-12-24 09:35 · Score: 3, Insightful
  
  In short, Yes.
  Though I did hear a rumor that they were also doing it to demonstrate their attack system so they can sell/rent it to people.
  There are many ways to demonstrate something like that, but of course, they chose to do it in a gratuitously mean fashion that will piss of lots of people.
  Other than that, they're just trying to wave their dicks around. Pretty much a failure at impressing anyone, it's not like this is a new accomplishment or anything, they are just doing the same thing lots of people have done before them, so their just a bunch of wannabe griefers with little to no talent.
10. Re: Refresh my memory by Anonymous Coward · 2015-12-24 09:36 · Score: 1
  
  If I park my car in the middle of the interstate I can disrupt traffic too, doesn't take any brains to do it tho. Just like their ddos.
11. Re:Refresh my memory by Bite+The+Pillow · 2015-12-24 09:44 · Score: 1
  
  Anger, probably. Two time worst company, barely lost a threepeat. EA has improved, but not enough.
  http://consumerist.com/2014/03...
12. Re:Refresh my memory by Anonymous Coward · 2015-12-24 10:21 · Score: 3, Funny
  
  This is pretty sexist. It can be a girl in mom's basement that is doing this too!
13. Re:Refresh my memory by Anonymous Coward · 2015-12-24 10:24 · Score: 1
  
  Thankfully women never try to impose their will with the only way they know how. Only males.
14. Re:Refresh my memory by DNS-and-BIND · 2015-12-24 10:37 · Score: 1
  
  Oh, this could not be more wrong. Male primates don't do this for shits and grins, they do it to gain females, or to gain power (which is pretty much the same thing when you think about it). These are unfit males that will not be successful, and in an earlier age they would have been outcast or killed for acting in this way. The only way in which we can hurt them these days is by public shaming, but their internet anonymity protects them. Now maybe we begin to understand why war was so popular in earlier ages, it did a wonderful job of cleansing society of these undesirable males.
  
  --
  Shutting down free speech with violence isn't fighting fascism. It IS fascism!
15. Re: Refresh my memory by Anonymous Coward · 2015-12-24 10:39 · Score: 1
  
  Pretty sure they have roofs capable of stopping the rain.
  A bunch of fuckwits turning up with water cannons is a different story.
16. Re:Refresh my memory by SirSlud · 2015-12-24 10:39 · Score: 1
  
  You can't even make it through the summary? The hacks have targeted multiple companies/platforms in the past. Their targets have nothing to do with brand/corporate reputation.
  
  --
  "Old man yells at systemd"
17. Re:Refresh my memory by Anonymous Coward · 2015-12-24 11:04 · Score: 1
  
  We only know the target is a girl, we know nothing about the originator. For all you know, the originator was a girl in her mom's basement all along! What are you, homophobic?
18. Re:Refresh my memory by AchilleTalon · 2015-12-24 11:12 · Score: 1
  
  Better compare with Jehova witnesses who are knocking at your door. Surely, your door prevent them to enter unless you open it, however while they are knocking at your door and you don't want to open, another legitimate person may knock as well and you will not let him/her enter because of the Jehova witnesses still knocking at your door. I don't believe there is a way to stop DDoS without stopping legitimate users since they are impersonating legitimate users. To stop them, you need to prevent them to impersonate legitimate users. Once done, you can filter them out.
  
  --
  Achille Talon
  Hop!
19. Re:Refresh my memory by penguinoid · 2015-12-24 12:01 · Score: 1
  
  Whats the goal? Is to just be pricks?
  Their goal is probably to be pricks and make a name for themselves. However, they also are performing a valuable service: reminding Joe WhyShouldIcareAboutDRM that their gaming experience is subject to the whim of game servers, possibly even for offline games, and they will be unable to play should the game company decide to drop support or get overloaded.
  Non-DRM games are immune to this. Note that for some games, the only non-DRM versions are the pirated ones.
  
  --
  Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
20. Re:Refresh my memory by Time_Ngler · 2015-12-24 13:23 · Score: 1
  
  I think if you truly understand filtering and packet inspection, you could frame it in a way where you are talking about Jehovah's witnesses. The OP clearly stated the Jehovah's witnesses impersonate the legitimate door knockers.
21. Re:Refresh my memory by cfalcon · 2015-12-24 14:01 · Score: 1
  
  Customers pay for a product and get it? That sounds like a business plan. What we have now is "customers pay for a product and don't get it".
  Build the roof.
22. Re:Refresh my memory by Deadstick · 2015-12-24 14:16 · Score: 1
  
  they do it to gain females, or to gain power
  
  Ummm, isn't that what I said?
23. Re:Refresh my memory by sycodon · 2015-12-24 15:45 · Score: 1
  
  A group of anonymous people want a name for themselves?
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
24. Re:Refresh my memory by cfalcon · 2015-12-24 15:51 · Score: 1
  
  If they didn't, they wouldn't be named PhantomSquad, and on twitter.
25. Re:Refresh my memory by mattventura · 2015-12-24 22:02 · Score: 1
  
  But if your legitimate customers take up 10Gb/s of bandwidth at peak times, while the DDoSers have 500Gb/s they can clog your pipe with, does it really make sense to build 50x the capacity that you would otherwise ever need just to foil an occasional DDoS attack? I don't buy 50 cars just in case the other 49 get stolen.
26. Re:Refresh my memory by Time_Ngler · 2015-12-24 22:13 · Score: 1
  
  Sony PSN and XboxLive use a different protocol then Google or Amazon. It's likely there are more expensive operations that the former networks have to support. It's like having a doorbell that plays a very long musical tone for the pizza man which the Jehovah's witness are continually pressing. And you aren't playing the game... probably because you have no idea what you are talking about.
27. Re: Refresh my memory by Anonymous Coward · 2015-12-24 22:34 · Score: 1
  
  Mooslims say MOO! MOO! Moo say the mooslims!
28. Re:Refresh my memory by Anonymous Coward · 2015-12-24 23:09 · Score: 1
  
  Stop making excuses for these vermin. EA aren't bothered, they don't lose money, they already have sales income. It's the consumer that's getting fucked by these sad tossers. They're the ones losing their gaming time, perhaps the only period they have available after working seven days a week doing shitty jobs to make ends meet. Millions of people are being denied access to products and services they purchased because a few dweebs run bots for the LOLs.
  So go and do one yourself, faggot.
29. Re:Refresh my memory by KGIII · 2015-12-25 02:33 · Score: 1
  
  This is not *entirely* true. Well, it might be true. Way back in the 1990s, I answered the door completely naked and it was Jehovah's Witnesses. I'd just gotten out of the shower and I heard the knock on the door. I told them I was naked and that I'd get dressed but that they could come in. The two old ladies came in, probably saw my butt as I went down the hall, and waited patiently for me.
  I spent a few months studying with them because I knew nothing about their religion and was curious. They were aware that I wasn't likely to suddenly become a religious person. I even went to church (Kingdom Hall) with 'em a couple of times to see what the people were like. (They had some rather hot and eligible chicks but I suspect they have a touch of the crazy.)
  They do not celebrate Christmas.
  
  --
  "So long and thanks for all the fish."
30. Re:Refresh my memory by rossz · 2015-12-25 07:16 · Score: 1
  
  Do I have to explain why Sony is bad? Here of all places you retarded piece of shit?
  Yes, you do need to explain why Sony is bad. Sony BMG? Different company with no real association with Playstation. OtherOS? An "extra" that was never advertised and was not officially supported. So, yes, please explain you retarded piece of shit.
  
  --
  -- Will program for bandwidth
31. Re:Refresh my memory by UsuallyReasonable · 2015-12-25 15:58 · Score: 1
  
  Don't get me started on "automated null routing" which got non-infringing servers of mine turned off on a regular basis. It ain't perfect.
32. Re:Refresh my memory by UsuallyReasonable · 2015-12-25 16:04 · Score: 1
  
  Non-DRM games are immune to this.
  Oh please.
Spoiled Little Children by JimMcc · 2015-12-24 09:09 · Score: 2

Maybe at some point in their lives, if they ever grow up, they'll learn that just because you can doesn't mean you should
1. Re:Spoiled Little Children by CanadianMacFan · 2015-12-24 12:25 · Score: 1
  
  There are many people who have grown up that could also follow that advice.
  "I know we're in a drought but let's just plant more water thirsty trees and drain the aquifer."
  "Let's release these GM insects. Nothing could possibly go wrong." (Heard on a science podcast that they are getting close to doing this. And the GM crops have been so successful in reducing herbicide use.)
They do realize that if you take away by future+assassin · 2015-12-24 09:10 · Score: 1

peoples entertainment those people will not side with their fill in "I' got teenage angst against this" issues?

--
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Live attack map by guardiangod · 2015-12-24 09:11 · Score: 4, Interesting

Just look at Norse Attack Map
Lots o NTPf traffic from China
http://map.norsecorp.com/
1. Re:Live attack map by Harlequin80 · 2015-12-24 09:31 · Score: 1
  
  Fascinating to watch that. I wonder what mechanism they are using. I suspect that they have found a weakness in Beijing Hsoft which allows them to use their NTP servers to amplify.
2. Re:Live attack map by Anonymous Coward · 2015-12-24 09:43 · Score: 1
  
  "Beijing Hsoft" appears to be a commercial software sub-licensing agency.
  But maybe there's nothing special about that one. There's no such thing as computer security in China. Plenty of old, never-updated boxes running Windows XP and nobody gives a damn. Of course any DDoS team worthy of their moisture are using zombie boxes in that country, and probably Hsoft simply has the combination of best infrastructure and worst security practice.
3. Re:Live attack map by jon3k · 2015-12-24 09:49 · Score: 1
  
  You don't need a weakness per say, you just need to be able to spoof the source address.
4. Re:Live attack map by Harlequin80 · 2015-12-24 10:01 · Score: 1
  
  No not a weakness but a poorly configured NTP server. They should be either running a later version of NTP where this amplification method was fixed or having their system configured to require a nonce. That way spoofing wont work.
5. Re:Live attack map by ssufficool · 2015-12-24 10:36 · Score: 1
  
  So the lesson is, we will continue to attack you until this other company fixes their server. Wow.
  In another story, my neighbor is shitting on my lawn because their plumbing is broke. Court of public opinion finds me at fault.
6. Re:Live attack map by Dutch+Gun · 2015-12-24 15:02 · Score: 2
  
  Don't expect anything but the thinnest veneer of an excuse as to why they're doing this. They're going this because they're angsty teenage males with lots of testosterone and no power, so this is how they vent their frustration at the unfairness of the (first) world. Taking down a multi-billion-dollar international corporation's network is undoubtedly a power trip for them.
  It's really nothing more than digital vandalism. I wish the media would label it as such rather than "hacking".
  
  --
  Irony: Agile development has too much intertia to be abandoned now.
7. Re:Live attack map by Chris+Mattern · 2015-12-25 03:38 · Score: 1
  
  Just look at Norse Attack Map
  I would, but it appears to be broken. Could someone, ironically, be DDOSing it?
as they should by Gravis+Zero · 2015-12-24 09:30 · Score: 2, Funny

EA issue apologies on its Twitter account
it's about time! have you seen what they do to game series'? now what's all this business about DDoS attacks? ;)

--
Anons need not reply. Questions end with a question mark.
Go online to play an offline game by Calydor · 2015-12-24 10:02 · Score: 3, Interesting

If it wasn't for validation servers for strictly offline games, eg. The Sims, this wouldn't be half as bad. It's when people don't get to play an offlline game because a server somewhere is down or messed up that things get ugly.

--
-=This sig has nothing to do with my comment. Move along now=-
1. Re:Go online to play an offline game by Anonymous Coward · 2015-12-24 11:50 · Score: 2, Insightful
  
  And things should get ugly. People should be pissed at the game companies that require online for single player.
The correct solution by rossz · 2015-12-24 10:03 · Score: 2

I got in trouble at work once when I proposed a solution to deal with the massive number of attacks we were receiving from China. I said, "block China completely and call it a day." It seems I was "culturally insensitive."

--
-- Will program for bandwidth
1. Re:The correct solution by Calydor · 2015-12-24 10:17 · Score: 3, Insightful
  
  Depends on the site.
  If you're running a local e-commerce site that sells only to a single state or county rather than the entire country, let alone to China, blocking China at the gate doesn't really seem that bad of a business move.
  
  --
  -=This sig has nothing to do with my comment. Move along now=-
2. Re:The correct solution by rossz · 2015-12-24 13:07 · Score: 1
  
  When 99% of an attack are coming from a single nation's ip addresses, it makes sense to block them, if only temporarily.
  
  --
  -- Will program for bandwidth
not the first time, when will MSFT fix it? by peter303 · 2015-12-24 10:30 · Score: 1

PS may be a-holes, but they pointing out an unfixed problem.
1. Re:not the first time, when will MSFT fix it? by jader3rd · 2015-12-24 17:28 · Score: 1
  
  PS may be a-holes, but they pointing out an unfixed problem.
  I'm sorry, but how is it a problem? If they never did the attack, then the network would never go down. At least not go down because of the servers being hit with orders of magnitude more requests than what they're designed for.
2. Re:not the first time, when will MSFT fix it? by Harlequin80 · 2015-12-24 17:28 · Score: 1
  
  Not specifically a MSFT problem. It will happen on any NTP server that will respond to a monlist request without first requiring a nonce verification of the senders IP address.
  Send this command ntpdc –c monlist 1xx.xxx.xxx.xx9 (where x is your target NTP server) and you will get a much larger response. Combine that with a spoofed return address and you have your DDOS attach vector.
The idiots found a hammer by JustAnotherOldGuy · 2015-12-24 11:17 · Score: 1

That's all this is, no different than giving a mentally retarded asshole a hammer and directing them to a store that sells fine china.
"Hurr durr, lookit me, guys, I can break stuff, lololol! Wow, ain't I kool? Lookit mah leet skillz!"
What these little shits need is a good ass-kicking, perhaps to the point of hospitalization.

--
Just cruising through this digital world at 33 1/3 rpm...
Re:Time to turn the screws by JustAnotherOldGuy · 2015-12-24 11:18 · Score: 1

Ban general purpose computers now.
Yes, that seems entirely reasonable and practical.

--
Just cruising through this digital world at 33 1/3 rpm...
They didn't bother with Simpsons Tapped Out by mea2214 · 2015-12-24 13:13 · Score: 1

I've been checking in every 4 hours without a glitch (knock on wood).
Microsoft Windows Xmas DDoS attacks .. by nickweller · 2015-12-24 22:41 · Score: 1

By any chance would this DDOS farm run on Microsoft Windows desktop computers?