Jump to content

Lizard Squad: Difference between revisions

Page semi-protected
From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
+detail
Citation bot (talk | contribs)
Bots
5,041,884 edits
Altered template type. Removed Template redirect. | Use this bot. Report bugs. | #UCB_CommandLine
(17 intermediate revisions by 15 users not shown)
Line 4: Line 4:
|
|
| name = Lizard Squad
| name = Lizard Squad
| image =
| image = Lizard Squad lizard.jpg
| caption = The logo used in Lizard Squad's official Facebook and Twitter accounts
| caption = Lizard Squad logo
| formation = August 18, 2014
| formation = August 18, 2014
| type = Hacking
| type = Hacking
Line 11: Line 11:
}}
}}
{{DISPLAYTITLE:Lizard Squad}}
{{DISPLAYTITLE:Lizard Squad}}
'''Lizard Squad''' was a [[Hacker (computer security)#Black hat|black hat hacking]] group, mainly known for their claims of [[denial-of-service attack#Distributed attacks|distributed denial-of-service]] (DDoS) attacks<ref>{{cite news | url=http://uk.businessinsider.com/lizard-squad-hack-playstation-and-xbox-2014-12?r=US | title=How A Hacker Gang Literally Saved Christmas For Video Game Players Everywhere | work=Business Insider | access-date=25 December 2014}}</ref> primarily to disrupt gaming-related services.
'''Lizard Squad''' was a [[Hacker (computer security)#Black hat|black hat hacking]] group, mainly known for their claims of [[distributed denial-of-service]] (DDoS) attacks<ref>{{cite news | url=http://uk.businessinsider.com/lizard-squad-hack-playstation-and-xbox-2014-12?r=US | title=How A Hacker Gang Literally Saved Christmas For Video Game Players Everywhere | work=Business Insider | access-date=25 December 2014 | archive-date=17 January 2015 | archive-url=https://web.archive.org/web/20150117110844/http://uk.businessinsider.com/lizard-squad-hack-playstation-and-xbox-2014-12?r=US | url-status=live }}</ref> primarily to disrupt gaming-related services.


On September 3, 2014, Lizard Squad seemingly announced that it had disbanded<ref>{{cite news | url=http://news.softpedia.com/news/Lizard-Squad-Hacker-Collective-Announces-Disbanding-457508.shtml | title=Lizard Squad Hacker Collective Announces Disbanding | work=Softpedia News | access-date=26 December 2014}}</ref> only to return later on, claiming responsibility for a variety of attacks on prominent websites. The organization at one point participated in the [[Darkode]] hacking forums and shared hosting with them.<ref>{{cite news|last1=MalwareTech|title=Darkode - Ode to Lizard Squad (The Rise and Fall of a Private Community)|url=http://www.malwaretech.com/2014/12/darkode-ode-to-lizardsquad-rise-and.html|access-date=4 August 2015|date=December 2014}}</ref><ref name=independent>{{cite web|work=The Independent|url=https://www.independent.co.uk/news/world/americas/darkode-fbi-shuts-down-notorious-online-forum-and-cracks-cyber-hornets-nest-of-criminal-hackers-10391734.html|title=Darkode: FBI shuts down notorious online forum and cracks 'cyber hornet's nest of criminal hackers'|date=15 July 2015|last=Buncombe|first=August}}</ref>
On September 3, 2014, Lizard Squad seemingly announced that it had disbanded<ref>{{cite news | url=http://news.softpedia.com/news/Lizard-Squad-Hacker-Collective-Announces-Disbanding-457508.shtml | title=Lizard Squad Hacker Collective Announces Disbanding | work=Softpedia News | access-date=26 December 2014 | archive-date=29 June 2020 | archive-url=https://web.archive.org/web/20200629193810/https://news.softpedia.com/news/Lizard-Squad-Hacker-Collective-Announces-Disbanding-457508.shtml | url-status=live }}</ref> only to return later on, claiming responsibility for a variety of attacks on prominent websites. The organization at one point participated in the [[Darkode]] hacking forums and shared hosting with them.<ref>{{cite news|last1=MalwareTech|title=Darkode - Ode to Lizard Squad (The Rise and Fall of a Private Community)|url=http://www.malwaretech.com/2014/12/darkode-ode-to-lizardsquad-rise-and.html|access-date=4 August 2015|date=December 2014|archive-date=21 July 2015|archive-url=https://web.archive.org/web/20150721213356/http://www.malwaretech.com/2014/12/darkode-ode-to-lizardsquad-rise-and.html|url-status=live}}</ref><ref name=independent>{{cite web|work=The Independent|url=https://www.independent.co.uk/news/world/americas/darkode-fbi-shuts-down-notorious-online-forum-and-cracks-cyber-hornets-nest-of-criminal-hackers-10391734.html|title=Darkode: FBI shuts down notorious online forum and cracks 'cyber hornet's nest of criminal hackers'|date=15 July 2015|last=Buncombe|first=August|access-date=4 September 2017|archive-date=14 June 2020|archive-url=https://web.archive.org/web/20200614051409/https://www.independent.co.uk/news/world/americas/darkode-fbi-shuts-down-notorious-online-forum-and-cracks-cyber-hornets-nest-of-criminal-hackers-10391734.html|url-status=live}}</ref>


On April 30, 2016, [[Cloudflare]] published a blogpost detailing how [[cyber criminals]] using this group's name were issuing random threats of carrying out DDoS attacks, despite these threats, Cloudflare claim they failed to carry through with a single attack.<ref>{{cite web|last1=Paine|first1=Justin|title=Lizard Squad Ransom Threats: New Name, Same Faux Armada Collective M.O.|url=https://blog.cloudflare.com/lizard-squad-ransom-threats-new-name-same-faux-armada-collective-m-o-2/|website=CloudFlare Blog|publisher=CloudFlare, Inc.|access-date=17 May 2016}}</ref><ref>{{cite news|last1=Ashok|first1=India|title=Armada Collective impersonators now posing as Lizard Squad in DDoS scam|url=http://www.ibtimes.co.uk/armada-collective-impersonators-now-posing-lizard-squad-ddos-scam-1557588|access-date=17 May 2016|work=International Business Times|date=April 30, 2016 }}</ref> As a result of this, the [[City of London Police]] issued an alert warning businesses not to comply with ransom messages threatening DDoS attacks.<ref>{{cite news|last1=Russon|first1=Mary-Ann|title=Fake 'Lizard Squad' DDoS demands hit UK businesses spurring police warning|url=http://www.ibtimes.co.uk/fake-lizard-squad-ddos-demands-hit-uk-businesses-spurring-police-warning-1558049|access-date=17 May 2016|work=International Business Times|date=May 3, 2016 }}</ref><ref>{{cite web|title=Online extortion demands affecting businesses|url=http://www.actionfraud.police.uk/news/online-extortion-demands-affecting-businesses-apr16|website=Action Fraud|access-date=17 May 2016|date=29 April 2016}}</ref>
On April 30, 2016, [[Cloudflare]] published a blogpost detailing how [[cyber criminals]] using this group's name were issuing random threats of carrying out DDoS attacks. Despite these threats, Cloudflare claim they failed to carry through with a single attack.<ref>{{cite web|last1=Paine|first1=Justin|title=Lizard Squad Ransom Threats: New Name, Same Faux Armada Collective M.O.|url=https://blog.cloudflare.com/lizard-squad-ransom-threats-new-name-same-faux-armada-collective-m-o-2/|website=CloudFlare Blog|date=29 April 2016|publisher=CloudFlare, Inc.|access-date=17 May 2016|archive-date=14 June 2020|archive-url=https://web.archive.org/web/20200614053435/https://blog.cloudflare.com/lizard-squad-ransom-threats-new-name-same-faux-armada-collective-m-o-2/|url-status=live}}</ref><ref>{{cite news|last1=Ashok|first1=India|title=Armada Collective impersonators now posing as Lizard Squad in DDoS scam|url=http://www.ibtimes.co.uk/armada-collective-impersonators-now-posing-lizard-squad-ddos-scam-1557588|access-date=17 May 2016|work=International Business Times|date=April 30, 2016|archive-date=15 June 2020|archive-url=https://web.archive.org/web/20200615211720/https://www.ibtimes.co.uk/armada-collective-impersonators-now-posing-lizard-squad-ddos-scam-1557588|url-status=live}}</ref> As a result of this, the British [[National Fraud Intelligence Bureau]] issued an alert warning businesses not to comply with ransom messages threatening DDoS attacks.<ref>{{cite news|last1=Russon|first1=Mary-Ann|title=Fake 'Lizard Squad' DDoS demands hit UK businesses spurring police warning|url=http://www.ibtimes.co.uk/fake-lizard-squad-ddos-demands-hit-uk-businesses-spurring-police-warning-1558049|access-date=17 May 2016|work=International Business Times|date=May 3, 2016|archive-date=30 June 2020|archive-url=https://web.archive.org/web/20200630162926/https://www.ibtimes.co.uk/fake-lizard-squad-ddos-demands-hit-uk-businesses-spurring-police-warning-1558049|url-status=live}}</ref><ref>{{cite web|title=Online extortion demands affecting businesses|url=http://www.actionfraud.police.uk/news/online-extortion-demands-affecting-businesses-apr16|website=Action Fraud|access-date=17 May 2016|date=29 April 2016|archive-date=30 August 2018|archive-url=https://web.archive.org/web/20180830004910/https://www.actionfraud.police.uk/news/online-extortion-demands-affecting-businesses-apr16|url-status=live}}</ref>


==Distributed denial-of-service attacks==
==Distributed denial-of-service attacks==


A distributed denial-of-service (DDoS) attack occurs when numerous systems flood the bandwidth or resources of a targeted system, usually one or more web servers.<ref>{{cite web|url=http://d-scholarship.pitt.edu/19225/1/FinalVersion.pdf |title=A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks |first=Saman |last=Taghavi Zargar |publisher=IEEE COMMUNICATIONS SURVEYS & TUTORIALS |volume=15 |issue=4 |pages=2046–2069 |date=November 2013 |access-date=2014-03-07}}</ref> Such an attack is often the result of multiple systems (for example a [[botnet]]) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted.
A distributed denial-of-service (DDoS) attack occurs when numerous systems flood the bandwidth or resources of a targeted system, usually one or more web servers.<ref>{{cite web |url=http://d-scholarship.pitt.edu/19225/1/FinalVersion.pdf |title=A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks |first=Saman |last=Taghavi Zargar |publisher=IEEE COMMUNICATIONS SURVEYS & TUTORIALS |volume=15 |issue=4 |pages=2046–2069 |date=November 2013 |access-date=2014-03-07 |archive-date=2016-08-17 |archive-url=https://web.archive.org/web/20160817121941/http://d-scholarship.pitt.edu/19225/1/FinalVersion.pdf |url-status=live }}</ref> Such an attack is often the result of multiple systems (for example a [[botnet]]) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted.


== Notable actions ==
== Notable actions ==
Lizard Squad has claimed responsibility for launching a string of [[DDoS attacks]] against high-profile [[Game server|game-related services]] over the course of a few months in late 2014. On August 18, 2014, [[Game server|servers]] of the game ''[[League of Legends]]'' were taken offline with a [[DDoS attack]]; this was claimed as Lizard Squad's first attack.<ref>{{cite news

=== ''League of Legends'' DDoS ===
On August 18, 2014, [[Game server|servers]] of the game ''[[League of Legends]]'' were taken offline with a [[DDoS attack]]; this was claimed as Lizard Squad's first attack.<ref>{{cite news
| last =Gilbert
| last =Gilbert
| first =David
| first =David
| title = Who Are Lizard Squad - Isis-Linked Hackers or Trolls Making Bomb Threats?
| title =Who Are Lizard Squad - Isis-Linked Hackers or Trolls Making Bomb Threats?
| newspaper =[[International Business Times]]
| newspaper =[[International Business Times]]
| date =August 26, 2014
| date =August 26, 2014
| url =http://www.ibtimes.co.uk/who-are-lizard-squad-isis-linked-hackers-trolls-making-bomb-threats-1462639
| url =http://www.ibtimes.co.uk/who-are-lizard-squad-isis-linked-hackers-trolls-making-bomb-threats-1462639
| access-date =December 23, 2014
}}</ref>
| archive-date =November 23, 2019

| archive-url =https://web.archive.org/web/20191123172432/https://www.ibtimes.co.uk/who-are-lizard-squad-isis-linked-hackers-trolls-making-bomb-threats-1462639
=== Destiny DDoS ===
| url-status =live
On November 23, 2014, Lizard Squad claimed they attacked ''[[Destiny (video game)|Destiny]]'' servers with a DDoS attack.<ref>{{cite news
}}</ref> Days later, on August 24, the [[PlayStation Network]] was disrupted via a DDoS attack.<ref>{{cite news
| last =Schmitz
| first =Alex
| title =Destiny Gamers Facing Connection Errors, Servers DDOS'ed by the Lizard Squad | newspaper = Gamechup
| date =November 23, 2014
| url =http://www.gamechup.com/destiny-gamers-facing-connection-errors-servers-ddosed-by-the-lizard-squad/
| access-date =December 26, 2014 }}</ref>

=== PlayStation Network DDoS ===
On August 24, 2014, the [[PlayStation Network]] was disrupted via a [[DDoS attack]], and again On December 8, with Lizard Squad claiming responsibility.<ref>{{cite news
| last =Zorabedian
| last =Zorabedian
| first =John
| first =John
Line 50: Line 40:
| date =August 26, 2014
| date =August 26, 2014
| url =https://nakedsecurity.sophos.com/2014/08/26/lizard-squad-hackers-force-psn-offline-and-sony-exec-from-the-sky/
| url =https://nakedsecurity.sophos.com/2014/08/26/lizard-squad-hackers-force-psn-offline-and-sony-exec-from-the-sky/
| access-date = December 26, 2014}}
| access-date =December 26, 2014
| archive-date =July 21, 2020
</ref><ref>{{cite news
| archive-url =https://web.archive.org/web/20200721034253/https://nakedsecurity.sophos.com/2014/08/26/lizard-squad-hackers-force-psn-offline-and-sony-exec-from-the-sky/
| url-status =live
}}</ref> On November 23, the group claimed they attacked ''[[Destiny (video game)|Destiny]]'' servers with a DDoS attack.<ref>{{cite news
| last =Schmitz
| first =Alex
| title =Destiny Gamers Facing Connection Errors, Servers DDOS'ed by the Lizard Squad
| newspaper =Gamechup
| date =November 23, 2014
| url =http://www.gamechup.com/destiny-gamers-facing-connection-errors-servers-ddosed-by-the-lizard-squad/
| access-date =December 26, 2014
| archive-date =December 29, 2019
| archive-url =https://web.archive.org/web/20191229112246/http://www.gamechup.com/destiny-gamers-facing-connection-errors-servers-ddosed-by-the-lizard-squad/
| url-status =dead
}}</ref> On December 1, [[Xbox Live]] was apparently attacked by Lizard Squad: users attempting to connect to use the service would be given the 80151909 error code.<ref>{{cite news
| last =McWherter
| first =Michael
| title =Xbox Live having issues, hacker group claims responsibility for taking it offline [update]
| newspaper =Polygon
| date =December 1, 2014
| url =http://www.polygon.com/2014/12/1/7317975/xbox-live-offline-hacking-group-lizard-squad
| access-date =December 26, 2014
| archive-date =June 8, 2020
| archive-url =https://web.archive.org/web/20200608220633/https://www.polygon.com/2014/12/1/7317975/xbox-live-offline-hacking-group-lizard-squad
| url-status =live
}}</ref> On December 2, Lizard Squad defaced [[Machinima.com]], replacing their front page with [[ASCII art]] of their logo.<ref>{{cite news | url=http://www.bbc.co.uk/newsbeat/30306319 | title=Sony hack: North Korea back online after internet outage | work=BBC Newsbeat | access-date=23 December 2014 | archive-date=11 March 2015 | archive-url=https://web.archive.org/web/20150311004920/http://www.bbc.co.uk/newsbeat/30306319 | url-status=live }}</ref> A week after, on December 8, Lizard Squad claimed responsibility for another PlayStation Network DDoS attack.<ref>{{cite news
| title =PlayStation Network Hacked 'By Lizard Squad'
| title =PlayStation Network Hacked 'By Lizard Squad'
| newspaper =[[Sky News]]
| newspaper =[[Sky News]]
Line 57: Line 72:
| date =December 8, 2014
| date =December 8, 2014
| url =http://news.sky.com/story/1387871/playstation-network-hacked-by-lizard-squad
| url =http://news.sky.com/story/1387871/playstation-network-hacked-by-lizard-squad
| access-date =December 26, 2014 }}</ref><ref>{{cite news
| access-date =December 26, 2014
| archive-date =April 9, 2016
| archive-url =https://web.archive.org/web/20160409180342/http://news.sky.com/story/1387871/playstation-network-hacked-by-lizard-squad
| url-status =live
}}</ref><ref>{{cite news
| last =Jones
| last =Jones
| first =Gary
| first =Gary
Line 65: Line 84:
| date =December 9, 2014
| date =December 9, 2014
| url =http://www.express.co.uk/life-style/science-technology/544851/Sony-Hacker-Group-PSN-down-Lizard-Squad-PS4-PS3
| url =http://www.express.co.uk/life-style/science-technology/544851/Sony-Hacker-Group-PSN-down-Lizard-Squad-PS4-PS3
| access-date =December 26, 2014 }}</ref>
| access-date =December 26, 2014
| archive-date =January 30, 2015

| archive-url =https://web.archive.org/web/20150130055207/http://www.express.co.uk/life-style/science-technology/544851/Sony-Hacker-Group-PSN-down-Lizard-Squad-PS4-PS3
=== Xbox Live DDoS ===
| url-status =live
On December 1, 2014, [[Xbox Live]] was apparently attacked by Lizard Squad: users attempting to connect to use the service would be given the 80151909 error code.<ref>{{cite news
}}</ref> On December 22, though not game-related, [[Internet in North Korea]] was taken offline by a DDoS attack.<ref>{{cite news | url=https://arstechnica.com/information-technology/2014/12/north-korea-drops-off-the-internet-in-suspected-ddos-attack/ | title=Sony hack: North Korea back online after internet outage | work=Ars Technica | access-date=23 December 2014 | archive-date=9 June 2020 | archive-url=https://web.archive.org/web/20200609024008/https://arstechnica.com/information-technology/2014/12/north-korea-drops-off-the-internet-in-suspected-ddos-attack/ | url-status=live }}</ref> Lizard Squad claimed responsibility for the attack and linked to an [[IP address]] located in [[North Korea]].<ref>{{cite news | url=https://www.washingtonpost.com/business/economy/north-korean-web-goes-dark-days-after-obama-pledges-response-to-sony-hack/2014/12/22/b76fa0a0-8a1d-11e4-9e8d-0c687bc18da4_story.html | title=North Korean Web goes dark days after Obama pledges response to Sony hack | newspaper=Washington Post | access-date=23 December 2014 | archive-date=9 July 2020 | archive-url=https://web.archive.org/web/20200709210120/https://www.washingtonpost.com/business/economy/north-korean-web-goes-dark-days-after-obama-pledges-response-to-sony-hack/2014/12/22/b76fa0a0-8a1d-11e4-9e8d-0c687bc18da4_story.html | url-status=live }}</ref> North Korean Internet services were restored on 23 December 2014.<ref>{{cite news | url=https://www.bbc.co.uk/news/world-asia-30584093 | title=Sony hack: North Korea back online after internet outage | publisher=BBC | work=BBC News | access-date=23 December 2014 | archive-date=12 July 2020 | archive-url=https://web.archive.org/web/20200712060809/https://www.bbc.co.uk/news/world-asia-30584093 | url-status=live }}</ref>
| last =McWherter
| first =Michael
| title =Xbox Live having issues, hacker group claims responsibility for taking it offline [update]
| newspaper =Polygon
| date =December 1, 2014
| url =http://www.polygon.com/2014/12/1/7317975/xbox-live-offline-hacking-group-lizard-squad
| access-date = December 26, 2014}}</ref>

=== The Machinima Hack ===
On December 2, 2014, Lizard Squad hacked [[Machinima.com]], replacing their front page with [[ASCII art]] of their logo.<ref>{{cite news | url=http://www.bbc.co.uk/newsbeat/30306319 | title=Sony hack: North Korea back online after internet outage | work=BBC Newsbeat | access-date=23 December 2014}}</ref>

=== North Korea DDoS ===
On December 22, 2014, [[Internet in North Korea]] was taken offline by a DDoS attack.<ref>{{cite news | url=https://arstechnica.com/information-technology/2014/12/north-korea-drops-off-the-internet-in-suspected-ddos-attack/ | title=Sony hack: North Korea back online after internet outage | work=Ars Technica | access-date=23 December 2014}}</ref> Lizard Squad claimed responsibility for the attack and linked to an [[IP address]] located in [[North Korea]].<ref>{{cite news | url=https://www.washingtonpost.com/business/economy/north-korean-web-goes-dark-days-after-obama-pledges-response-to-sony-hack/2014/12/22/b76fa0a0-8a1d-11e4-9e8d-0c687bc18da4_story.html | title=North Korean Web goes dark days after Obama pledges response to Sony hack | newspaper=Washington Post | access-date=23 December 2014}}</ref> North Korean Internet services were restored on the 23 December 2014.<ref>{{cite news | url=https://www.bbc.co.uk/news/world-asia-30584093 | title=Sony hack: North Korea back online after internet outage | publisher=BBC | work=BBC News | access-date=23 December 2014}}</ref>


=== Christmas attacks ===
=== Christmas attacks ===
Lizard Squad had previously threatened to take down gaming services on Christmas.<ref>{{cite news | url=http://www.ibtimes.co.uk/xbox-live-lizard-squad-hackers-promise-ddos-attacks-christmas-1477830 | title=Xbox Live: Lizard Squad hackers promise DDoS attacks at Christmas | work=International Business Times | access-date=25 December 2014}}</ref>
Lizard Squad had previously threatened to take down gaming services on Christmas.<ref>{{cite news | url=http://www.ibtimes.co.uk/xbox-live-lizard-squad-hackers-promise-ddos-attacks-christmas-1477830 | title=Xbox Live: Lizard Squad hackers promise DDoS attacks at Christmas | work=International Business Times | access-date=25 December 2014 | archive-date=9 June 2020 | archive-url=https://web.archive.org/web/20200609024014/https://www.ibtimes.co.uk/xbox-live-lizard-squad-hackers-promise-ddos-attacks-christmas-1477830 | url-status=live }}</ref>


On December 25, 2014 (Christmas Day), Lizard Squad claimed to have performed a [[DDoS]] attack on the PlayStation Network and Xbox Live. On December 26, 2014, at 2:00 AM,{{when|reason=No time zone specified.|date=December 2014}} Lizard Squad appeared to stop attacking PlayStation Network and Xbox Live. [[Gizmodo]] reported that the attacks may have ceased after [[Kim Dotcom]] offered Lizard Squad 3000 accounts on his upload service [[Mega (service)|MEGA]].<ref>{{cite news | url=http://www.gizmodo.com.au/2014/12/kim-dotcom-may-have-just-saved-holiday-gaming/ | title=Kim Dotcom May Have Just Saved Holiday Gaming | work=Gizmodo | access-date=26 December 2014}}</ref>
On December 25, 2014 (Christmas Day), Lizard Squad claimed to have performed a [[DDoS]] attack on the PlayStation Network and Xbox Live. On December 26, 2014, at 2:00 AM,{{when|reason=No time zone specified.|date=December 2014}} Lizard Squad appeared to stop attacking PlayStation Network and Xbox Live. [[Gizmodo]] reported that the attacks may have ceased after [[Kim Dotcom]] offered Lizard Squad 3000 accounts on his upload service [[Mega (service)|MEGA]].<ref>{{cite news | url=http://www.gizmodo.com.au/2014/12/kim-dotcom-may-have-just-saved-holiday-gaming/ | title=Kim Dotcom May Have Just Saved Holiday Gaming | work=Gizmodo | access-date=26 December 2014 | archive-date=27 March 2019 | archive-url=https://web.archive.org/web/20190327135053/https://www.gizmodo.com.au/2014/12/kim-dotcom-may-have-just-saved-holiday-gaming/ | url-status=live }}</ref>


=== Tor sybil attack ===
=== Tor sybil attack ===
On December 26, 2014, a [[Sybil attack]] involving more than 3000 relays was attempted against the [[Tor (anonymity network)|Tor]] network.<ref>{{cite news | url=https://lists.torproject.org/pipermail/tor-consensus-health/2014-December/005381.html | title=[tor-consensus-health] Possible Sybil Attack | work="tor-consensus-health" mailing list | access-date=26 December 2014}}</ref> Nodes with names beginning with "LizardNSA" began appearing, Lizard Squad claimed responsibility for this attack.<ref>{{cite news | url=https://gizmodo.com/hackers-who-shut-down-psn-and-xbox-live-now-attacking-t-1675331908 | title=Hackers Who Shut Down PSN and Xbox Live Now Attacking Tor | work=Gizmodo | access-date=26 December 2014}}</ref>
On December 26, 2014, a [[Sybil attack]] involving more than 3000 relays was attempted against the [[Tor (anonymity network)|Tor]] network.<ref>{{cite news | url=https://lists.torproject.org/pipermail/tor-consensus-health/2014-December/005381.html | title=[tor-consensus-health] Possible Sybil Attack | work="tor-consensus-health" mailing list | access-date=26 December 2014 | archive-date=23 June 2019 | archive-url=https://web.archive.org/web/20190623153921/https://lists.torproject.org/pipermail/tor-consensus-health/2014-December/005381.html | url-status=live }}</ref> Nodes with names beginning with "LizardNSA" began appearing, Lizard Squad claimed responsibility for this attack.<ref>{{cite news | url=https://gizmodo.com/hackers-who-shut-down-psn-and-xbox-live-now-attacking-t-1675331908 | title=Hackers Who Shut Down PSN and Xbox Live Now Attacking Tor | work=Gizmodo | access-date=26 December 2014 | archive-date=31 October 2019 | archive-url=https://web.archive.org/web/20191031142050/https://gizmodo.com/hackers-who-shut-down-psn-and-xbox-live-now-attacking-t-1675331908 | url-status=live }}</ref>


The relevance of the attack was questioned. According to Tor relay node operator [[Cthulhu (developer)|Thomas White]], the consensus system made that Lizard Squad only managed to control "0.2743% of the network, equivalent of a tiny VPS".<ref>{{cite tweet |author= TheCthulhu |user= CthulhuSec|number= 548585424483274752 |date= 26 December 2014 |title= Congrats to Lizard Squad people who with 3300 or so relays control 0.2743% of the network. Equivalent of a tiny VPS. |access-date= 26 December 2014 }}</ref>
The relevance of the attack was questioned. According to Tor relay node operator [[Cthulhu (developer)|Thomas White]], the consensus system made that Lizard Squad only managed to control "0.2743% of the network, equivalent of a tiny VPS".<ref>{{cite tweet |author= TheCthulhu |user= CthulhuSec|number= 548585424483274752 |date= 26 December 2014 |title= Congrats to Lizard Squad people who with 3300 or so relays control 0.2743% of the network. Equivalent of a tiny VPS. |access-date= 26 December 2014 }}</ref>


=== Malaysia Airlines website attack ===
=== Malaysia Airlines website attack ===
On January 26, 2015, the website of [[Malaysia Airlines]] was attacked, apparently by Lizard Squad, calling itself a "cyber caliphate". Users were redirected to another page bearing an image of a tuxedo-wearing lizard, and reading "Hacked by Cyber Caliphate". Underneath this was text reading "follow the cyber caliphate on twitter" after which were the Twitter accounts of the owner of UMG, "@UMGRobert" and CEO of UMG, "@UMG_Chris". The page also carried the headline "404 - Plane Not Found", an apparent reference to the airline's loss of flight [[MH370]] the previous year. Malaysia Airlines assured customers and clients that customer data had not been compromised.<ref name=ABCA>[http://www.abc.net.au/news/2015-01-26/malaysia-airlines-website-hacked-by-lizard-squad/6047032 Malaysia Airlines website 'compromised' by 'cyber caliphate' Lizard Squad hackers], ABC News Australia, 26 Jan 2015</ref>
On January 26, 2015, the website of [[Malaysia Airlines]] was attacked, apparently by Lizard Squad, calling itself a "cyber caliphate". Users were redirected to another page bearing an image of a tuxedo-wearing lizard, and reading "Hacked by Cyber Caliphate". Underneath this was text reading "follow the cyber caliphate on twitter" after which were the Twitter accounts of the owner of UMG, "@UMGRobert" and CEO of UMG, "@UMG_Chris". The page also carried the headline "404 - Plane Not Found", an apparent reference to the airline's loss of flight [[MH370]] the previous year. Malaysia Airlines assured customers and clients that customer data had not been compromised.<ref name=ABCA>[http://www.abc.net.au/news/2015-01-26/malaysia-airlines-website-hacked-by-lizard-squad/6047032 Malaysia Airlines website 'compromised' by 'cyber caliphate' Lizard Squad hackers] {{Webarchive|url=https://web.archive.org/web/20180228133900/http://www.abc.net.au/news/2015-01-26/malaysia-airlines-website-hacked-by-lizard-squad/6047032 |date=2018-02-28 }}, ABC News Australia, 26 Jan 2015</ref>


Media reports around the world said versions of the takeover in some regions included the wording "ISIS will prevail", which listed concerns of Lizard Squad's association with the [[Islamic State of Iraq and the Levant|Islamic State]].<ref name=ABCA/>
Media reports around the world said versions of the takeover in some regions included the wording "ISIS will prevail", which listed concerns of Lizard Squad's association with the [[Islamic State of Iraq and the Levant|Islamic State]].<ref name=ABCA/>


=== Daybreak Games DDoS ===
=== Daybreak Games DDoS ===
On July 9, 2015, game servers operated by [[Daybreak Game Company]], including those of ''[[H1Z1]]'' and ''[[PlanetSide 2]]'', were disrupted by a DDoS attack that Lizard Squad claimed responsibility for.<ref>{{cite web |title=Lizard Squad attacks PlanetSide 2, H1Z1, more |url=https://www.eurogamer.net/lizard-squad-attacks-planetside-2-h1z1 |website=Eurogamer.net |access-date=19 April 2022 |language=en-gb |date=10 July 2015}}</ref><ref>{{cite web |title=Lizard Squad Brings Down H1Z1 and PlanetSide 2 Servers After Daybreak CEO Calls Out Hackers |url=https://www.gamerevolution.com/news/11373-lizard-squad-brings-down-h1z1-and-planetside-2-servers-after-daybreak-ceo-calls-out-hackers |website=GameRevolution |access-date=19 April 2022 |date=10 July 2015}}</ref> The attack was performed in retaliation to legal threats John Smedley, the company's CEO, had made after being targeted by the hacking group.<ref>{{cite web |title=Harassed Dev Tells Lizard Squad Hacker “I'm Coming For You” |url=https://www.gamespot.com/articles/harassed-dev-tells-lizard-squad-hacker-im-coming-f/1100-6428738/ |website=GameSpot |access-date=19 April 2022}}</ref>
On July 9, 2015, game servers operated by [[Daybreak Game Company]], including those of ''[[H1Z1]]'' and ''[[PlanetSide 2]]'', were disrupted by a DDoS attack that Lizard Squad claimed responsibility for.<ref>{{cite web |title=Lizard Squad attacks PlanetSide 2, H1Z1, more |url=https://www.eurogamer.net/lizard-squad-attacks-planetside-2-h1z1 |website=Eurogamer.net |access-date=19 April 2022 |language=en-gb |date=10 July 2015 |archive-date=19 April 2022 |archive-url=https://web.archive.org/web/20220419164655/https://www.eurogamer.net/lizard-squad-attacks-planetside-2-h1z1 |url-status=live }}</ref><ref>{{cite web |title=Lizard Squad Brings Down H1Z1 and PlanetSide 2 Servers After Daybreak CEO Calls Out Hackers |url=https://www.gamerevolution.com/news/11373-lizard-squad-brings-down-h1z1-and-planetside-2-servers-after-daybreak-ceo-calls-out-hackers |website=GameRevolution |access-date=19 April 2022 |date=10 July 2015 |archive-date=19 April 2022 |archive-url=https://web.archive.org/web/20220419164655/https://www.gamerevolution.com/news/11373-lizard-squad-brings-down-h1z1-and-planetside-2-servers-after-daybreak-ceo-calls-out-hackers |url-status=live }}</ref> The attack was performed in retaliation to legal threats [[John Smedley (business executive)|John Smedley]], the company's CEO, had made after being targeted by the hacking group.<ref>{{cite web |title=Harassed Dev Tells Lizard Squad Hacker "I'm Coming For You" |url=https://www.gamespot.com/articles/harassed-dev-tells-lizard-squad-hacker-im-coming-f/1100-6428738/ |website=GameSpot |access-date=19 April 2022 |archive-date=19 April 2022 |archive-url=https://web.archive.org/web/20220419164922/https://www.gamespot.com/articles/harassed-dev-tells-lizard-squad-hacker-im-coming-f/1100-6428738/ |url-status=live }}</ref>


== False claims ==
== False claims ==


=== Bomb threats ===
=== Bomb threats ===
On August 24, 2014, Lizard Squad claimed that a plane on which the president of [[Sony Online Entertainment]], [[John Smedley (developer)|John Smedley]], was flying ([[American Airlines]] Flight 362), had explosives on board.<ref>{{cite news|title=Who Are Lizard Squad - Isis-Linked Hackers or Trolls Making Bomb Threats?|url=http://www.ibtimes.co.uk/who-are-lizard-squad-isis-linked-hackers-trolls-making-bomb-threats-1462639|access-date=23 December 2014|work=International Business Times}}</ref><ref name=Forbes>{{cite news|title=Hackers Ground Sony Executive's Flight With Bomb-Threat Tweet|url=https://www.forbes.com/sites/insertcoin/2014/08/24/sony-online-entertainment-presidents-flight-diverted-by-psn-hackers-bomb-threat/|access-date=26 December 2014|work=Forbes}}</ref> The flight from Dallas to San Diego made an unscheduled landing in Phoenix, Arizona. Sony Online Entertainment announced that the FBI was investigating the incident.<ref name=Forbes/>
On August 24, 2014, Lizard Squad claimed that a plane on which the president of [[Sony Online Entertainment]], [[John Smedley (developer)|John Smedley]], was flying ([[American Airlines]] Flight 362), had explosives on board.<ref>{{cite news|title=Who Are Lizard Squad - Isis-Linked Hackers or Trolls Making Bomb Threats?|url=http://www.ibtimes.co.uk/who-are-lizard-squad-isis-linked-hackers-trolls-making-bomb-threats-1462639|access-date=23 December 2014|work=International Business Times|archive-date=23 November 2019|archive-url=https://web.archive.org/web/20191123172432/https://www.ibtimes.co.uk/who-are-lizard-squad-isis-linked-hackers-trolls-making-bomb-threats-1462639|url-status=live}}</ref><ref name=Forbes>{{cite news|title=Hackers Ground Sony Executive's Flight With Bomb-Threat Tweet|url=https://www.forbes.com/sites/insertcoin/2014/08/24/sony-online-entertainment-presidents-flight-diverted-by-psn-hackers-bomb-threat/|access-date=26 December 2014|work=Forbes|archive-date=12 January 2020|archive-url=https://web.archive.org/web/20200112025947/https://www.forbes.com/sites/insertcoin/2014/08/24/sony-online-entertainment-presidents-flight-diverted-by-psn-hackers-bomb-threat/|url-status=live}}</ref> The flight from Dallas to San Diego made an unscheduled landing in Phoenix, Arizona. Sony Online Entertainment announced that the FBI was investigating the incident.<ref name=Forbes/>


=== Facebook, Instagram, and Tinder attack ===
=== Facebook, Instagram, and Tinder attack ===


On January 26, 2015, several social media services including [[Facebook]] and [[Instagram]] were unavailable to users. [[Tinder (application)|Tinder]] and [[HipChat]] were also affected. Lizard Squad claimed responsibility for the attacks, via a posting on a [[Twitter]] account previously used by the group.<ref>Lizard Squad, [https://twitter.com/lizardmafia/status/559963134006292481 Facebook, Instagram, Tinder, AIM, Hipchat #offline #LizardSquad], [[Twitter]], January 26, 2015</ref> The outage, originally speculated to be a [[Denial-of-service_attack#Distributed_DoS_attack|distributed denial-of-service attack]], lasted a little under an hour before services were restored.<ref>Hachman, Mark, [http://www.pcworld.com/article/2875973/internet-problems-take-out-facebook-instagram-others.html Internet problems take out Facebook, Instagram, others; Lizard Squad takes credit], [[PC World]], January 26, 2015</ref>
On January 26, 2015, several social media services including [[Facebook]] and [[Instagram]] were unavailable to users. [[Tinder (application)|Tinder]] and [[HipChat]] were also affected. Lizard Squad claimed responsibility for the attacks, via a posting on a [[Twitter]] account previously used by the group.<ref>Lizard Squad, [https://twitter.com/lizardmafia/status/559963134006292481 Facebook, Instagram, Tinder, AIM, Hipchat #offline #LizardSquad] {{Webarchive|url=https://web.archive.org/web/20150129142723/https://twitter.com/LizardMafia/status/559963134006292481 |date=2015-01-29 }}, [[Twitter]], January 26, 2015</ref> The outage, originally speculated to be a [[distributed denial-of-service attack]], lasted a little under an hour before services were restored.<ref>Hachman, Mark, [http://www.pcworld.com/article/2875973/internet-problems-take-out-facebook-instagram-others.html Internet problems take out Facebook, Instagram, others; Lizard Squad takes credit] {{Webarchive|url=https://web.archive.org/web/20170208044238/http://pcworld.com/article/2875973/internet-problems-take-out-facebook-instagram-others.html |date=2017-02-08 }}, [[PC World]], January 26, 2015</ref><ref>{{cite web|url=https://www.dazeddigital.com/artsandculture/article/23405/1/lizard-squad-hackers-claim-to-shut-down-facebook-and-tinder|title=Lizard Squad hackers claim to shut down Facebook and Tinder|work=Dazed Digital|accessdate=2023-07-29|archive-date=2023-07-29|archive-url=https://web.archive.org/web/20230729180041/https://www.dazeddigital.com/artsandculture/article/23405/1/lizard-squad-hackers-claim-to-shut-down-facebook-and-tinder|url-status=live}}</ref>


Facebook later released a statement saying its own engineers were to blame, and that the disruption to its services was not the result of a third-party attack, but instead occurred after they introduced a change that affected their configuration systems.<ref>{{cite web | url=https://www.bbc.com/news/technology-30996928 | title=Facebook says it caused fault that sent services offline | publisher=BBC News | access-date=27 January 2015}}</ref>
Facebook later released a statement saying its own engineers were to blame, and that the disruption to its services was not the result of a third-party attack, but instead occurred after they introduced a change that affected their configuration systems.<ref>{{cite news | url=https://www.bbc.com/news/technology-30996928 | title=Facebook says it caused fault that sent services offline | date=27 January 2015 | publisher=BBC News | access-date=27 January 2015 | archive-date=27 June 2019 | archive-url=https://web.archive.org/web/20190627195917/https://www.bbc.com/news/technology-30996928 | url-status=live }}</ref>


=== Explicit celebrity photos ===
=== Explicit celebrity photos ===
On January 27, 2015, Lizard Squad claimed to have compromised [[Taylor Swift]]'s Twitter and Instagram accounts. Once they claimed to have access, they threatened to release nude photos in exchange for [[bitcoins]]. Taylor Swift, however, retorted that "there were no naked pics" and told the offenders to "have fun" finding any.<ref>{{cite web|last1=Esther|first1=Lee|title=Taylor Swift's Social Media Accounts Hacked, Threatened With Nude Photo Leak: Read Her Response|url=http://www.usmagazine.com/celebrity-news/news/taylor-swift-hacked-threatened-with-nude-photo-leak-2015271|publisher=US Weekly|access-date=27 January 2015}}</ref>
On January 27, 2015, Lizard Squad claimed to have compromised [[Taylor Swift]]'s Twitter and Instagram accounts. Once they claimed to have access, they threatened to release nude photos in exchange for [[bitcoins]]. Taylor Swift, however, retorted that "there were no naked pics" and told the offenders to "have fun" finding any.<ref>{{cite web|last1=Esther|first1=Lee|title=Taylor Swift's Social Media Accounts Hacked, Threatened With Nude Photo Leak: Read Her Response|date=27 January 2015|url=http://www.usmagazine.com/celebrity-news/news/taylor-swift-hacked-threatened-with-nude-photo-leak-2015271|publisher=US Weekly|access-date=27 January 2015|archive-date=27 August 2016|archive-url=https://web.archive.org/web/20160827190604/http://www.usmagazine.com/celebrity-news/news/taylor-swift-hacked-threatened-with-nude-photo-leak-2015271|url-status=live}}</ref>


=== Conspiracy theory ===
=== Conspiracy theory ===
On January 4, 2021, American lawyer and conspiracy theorist [[L. Lin Wood|Lin Wood]] tweeted out baseless claims that a group of hackers named "the lizard squad" have evidence of a global [[Sex trafficking|sex ring]] involving several high-profile Americans, similar to the discredited [[conspiracy theory]] [[QAnon|Qanon]].<ref name=":0">{{Cite web|date=2021-01-04|title=Trump-aligned attorney says he's teamed with 'Lizard Squad' to prove Supreme Court harbors pedophiles|url=https://www.dailydot.com/debug/trump-attorney-lizard-squad/|access-date=2021-01-04|website=The Daily Dot|language=en-US}}</ref> There seems to be no relation between the "lizard squad" mentioned by Wood and the [[Security hacker|black-hat hacking]] group Lizard Squad, and Vinnie Omari, a member of the Lizard Squad, refutes any claim that his group may have information on a global sex-trafficking organization. <ref>{{Cite web|title=Pro-Trump Lawyer Lin Wood Is Doing a Helluva Job Convincing People He's Not Insane|url=https://www.vice.com/en/article/wx8pnb/pro-trump-lawyer-lin-wood-is-doing-a-helluva-job-convincing-people-hes-not-insane|access-date=2021-01-04|website=www.vice.com|language=en}}</ref>
On January 4, 2021, American lawyer and conspiracy theorist [[L. Lin Wood|Lin Wood]] tweeted out baseless claims that a group of hackers named "the lizard squad" have evidence of a global [[Sex trafficking|sex ring]] involving several high-profile Americans, similar to the discredited [[conspiracy theory]] [[QAnon|Qanon]].<ref name=":0">{{Cite web|date=2021-01-04|title=Trump-aligned attorney says he's teamed with 'Lizard Squad' to prove Supreme Court harbors pedophiles|url=https://www.dailydot.com/debug/trump-attorney-lizard-squad/|access-date=2021-01-04|website=The Daily Dot|language=en-US|archive-date=2022-03-29|archive-url=https://web.archive.org/web/20220329014748/https://www.dailydot.com/debug/trump-attorney-lizard-squad/|url-status=live}}</ref> There seems to be no relation between the "lizard squad" mentioned by Wood and the [[Security hacker|black-hat hacking]] group Lizard Squad, and Vinnie Omari, a member of the Lizard Squad, denies any claim that his group may have information on a global sex-trafficking organization.<ref>{{Cite web|title=Pro-Trump Lawyer Lin Wood Is Doing a Helluva Job Convincing People He's Not Insane|url=https://www.vice.com/en/article/wx8pnb/pro-trump-lawyer-lin-wood-is-doing-a-helluva-job-convincing-people-hes-not-insane|access-date=2021-01-04|website=www.vice.com|language=en|archive-date=2022-03-07|archive-url=https://web.archive.org/web/20220307112717/https://www.vice.com/en/article/wx8pnb/pro-trump-lawyer-lin-wood-is-doing-a-helluva-job-convincing-people-hes-not-insane|url-status=live}}</ref>


== Known members==
== Known members==


===Vinnie Omari===
===Vinnie Omari===
Vinnie Omari is a member of the Lizard Squad who was arrested and bailed under the alleged offences of "Enter into/concerned in acquisition/retention/use or control criminal property, Fraud by false representation - Fraud Act 2006, Conspire to steal from another, unauthorized computer access with intent to commit other offences". He was used as a public face on television and as a spokesperson for the news to represent LizardSquad.<ref>{{cite news|title=Krebs on security article on Lizard Squad|url=http://krebsonsecurity.com/2014/12/lizard-kids-a-long-trail-of-fail/|access-date=30 January 2015}}</ref><ref name="Vinnie">{{cite web|title=LizardSquad Statement to Vinnie Omari|url=https://twitter.com/LizardLands/status/684898520416022529}}</ref>
Vinnie Omari is a member of the Lizard Squad who was arrested and bailed under the alleged offences of "Enter into/concerned in acquisition/retention/use or control criminal property, Fraud by false representation - Fraud Act 2006, Conspire to steal from another, unauthorized computer access with intent to commit other offences". He was used as a public face on television and as a spokesperson for the news to represent LizardSquad.<ref>{{cite news|title=Krebs on security article on Lizard Squad|url=http://krebsonsecurity.com/2014/12/lizard-kids-a-long-trail-of-fail/|access-date=30 January 2015|archive-date=2 January 2020|archive-url=https://web.archive.org/web/20200102112340/https://krebsonsecurity.com/2014/12/lizard-kids-a-long-trail-of-fail/|url-status=live}}</ref><ref name="Vinnie">{{cite web|title=LizardSquad Statement to Vinnie Omari|url=https://twitter.com/LizardLands/status/684898520416022529|access-date=2016-11-18|archive-date=2020-07-19|archive-url=https://web.archive.org/web/20200719033939/https://twitter.com/LizardLands/status/684898520416022529|url-status=live}}</ref>


===Julius Kivimäki===
===Julius Kivimäki===
Julius Kivimäki (zeekill) is a Finnish member of Lizard Squad convicted in July 2015 on over 50,000 counts of computer crime.<ref>{{cite news|url=http://www.dailydot.com/crime/lizard-squad-indicted-julius-kivimaki/|title=Lizard Squad hacker convicted on 50,000 hacking charges
Julius Kivimäki (zeekill) is a Finnish member of Lizard Squad convicted in July 2015 on over 50,000 counts of computer crime.<ref>{{cite news|url=http://www.dailydot.com/crime/lizard-squad-indicted-julius-kivimaki/|title=Lizard Squad hacker convicted on 50,000 hacking charges|work=The Daily Dot|date=7 July 2015|access-date=13 April 2016|archive-date=27 August 2019|archive-url=https://web.archive.org/web/20190827210845/https://www.dailydot.com/crime/lizard-squad-indicted-julius-kivimaki/|url-status=live}}</ref> In 2022, he was also suspected of the [[Vastaamo data breach]], after having hacked around 50,000 psychotherapy patients' medical records and demanded ransoms for not publishing them.<ref name="vastaamo">{{Cite web |title=Tällainen on Julius Kivimäki, jota epäillään Vastaamon tietomurrosta |url=https://www.iltalehti.fi/kotimaa/a/17d03315-438f-43cb-8a78-780d947650fc |access-date=2023-02-28 |website=Iltalehti |language=fi |archive-date=2023-03-06 |archive-url=https://web.archive.org/web/20230306111445/https://www.iltalehti.fi/kotimaa/a/17d03315-438f-43cb-8a78-780d947650fc |url-status=live }}</ref>
|work=The Daily Dot|date=7 July 2015|access-date=13 April 2016}}</ref>


===Zachary Buchta===
===Zachary Buchta===


19-year-old Zachary Buchta (fbiarelosers) from Maryland, has been charged with computer crimes associated with a series of distributed denial-of-service (DDoS) attacks, stolen credit cards and selling DDoS-for-hire services. He was one of the members behind LizardSquad and also the Co-Group "PoodleCorp" which launched distributed denial-of-service (DDoS) attacks against multiple networks, YouTubers and gaming services. Buchta was hiding behind the Twitter alias @fbiarelosers, @xotehpoodle, and the online aliases "pein" and "lizard".<ref name="motherboard">{{cite web|title=Feds Accuse Two 19-Year-Olds Of Hacking For Lizard Squad and PoodleCorp|url=http://motherboard.vice.com/read/feds-accuse-two-19-year-olds-of-hacking-for-lizard-squad-and-poodlecorp}}</ref><ref name="digitaltrends">{{cite web|title=Feds arrest two alleged teenage members of Lizard Squad and PoodleCorp|url=http://www.digitaltrends.com/computing/doj-lizard-squad-poodle-corp-arrests}}</ref><ref name="nowloading">{{cite web|title=Members of Hacker Groups PoodleCorp and Lizard Squad Arrested and Charged By the FBI|url=https://nowloading.co/p/poodlecorp-lizard-squad-ddos-attackers-taken-down-by-feds/4113577}}</ref><ref name="justicegov">{{cite web|title=American and Dutch Teenagers Arrested on Criminal Charges for Allegedly Operating International Cyber-Attack-For-Hire Websites|url=https://www.justice.gov/usao-ndil/file/900826/download}}</ref>
19-year-old Zachary Buchta (fbiarelosers) from Maryland, has been charged with computer crimes associated with a series of distributed denial-of-service (DDoS) attacks, stolen credit cards and selling DDoS-for-hire services. He was one of the members behind LizardSquad and also the Co-Group "PoodleCorp" which launched distributed denial-of-service (DDoS) attacks against multiple networks, YouTubers and gaming services. Buchta was hiding behind the Twitter alias @fbiarelosers, @xotehpoodle, and the online aliases "pein" and "lizard".<ref name="motherboard">{{cite web|title=Feds Accuse Two 19-Year-Olds Of Hacking For Lizard Squad and PoodleCorp|url=http://motherboard.vice.com/read/feds-accuse-two-19-year-olds-of-hacking-for-lizard-squad-and-poodlecorp|access-date=2016-11-18|archive-date=2016-11-18|archive-url=https://web.archive.org/web/20161118225152/http://motherboard.vice.com/read/feds-accuse-two-19-year-olds-of-hacking-for-lizard-squad-and-poodlecorp|url-status=live}}</ref><ref name="digitaltrends">{{cite web|title=Feds arrest two alleged teenage members of Lizard Squad and PoodleCorp|date=6 October 2016|url=http://www.digitaltrends.com/computing/doj-lizard-squad-poodle-corp-arrests|access-date=18 November 2016|archive-date=18 November 2016|archive-url=https://web.archive.org/web/20161118224555/http://www.digitaltrends.com/computing/doj-lizard-squad-poodle-corp-arrests/|url-status=live}}</ref><ref name="nowloading">{{cite web|title=Members of Hacker Groups PoodleCorp and Lizard Squad Arrested and Charged By the FBI|url=https://nowloading.co/p/poodlecorp-lizard-squad-ddos-attackers-taken-down-by-feds/4113577|access-date=2016-11-18|archive-date=2016-11-19|archive-url=https://web.archive.org/web/20161119060358/https://nowloading.co/p/poodlecorp-lizard-squad-ddos-attackers-taken-down-by-feds/4113577|url-status=live}}</ref><ref name="justicegov">{{cite web|title=American and Dutch Teenagers Arrested on Criminal Charges for Allegedly Operating International Cyber-Attack-For-Hire Websites|url=https://www.justice.gov/usao-ndil/file/900826/download|access-date=2016-11-20|archive-date=2019-08-07|archive-url=https://web.archive.org/web/20190807211113/https://www.justice.gov/usao-ndil/file/900826/download|url-status=live}}</ref>


===Bradley Jan Willem van Rooy===
===Bradley Jan Willem van Rooy===

19-year-old Bradley Jan Willem van Rooy (UchihaLS) from the Netherlands, has been charged with computer crimes associated with a series of distributed denial-of-service (DDoS) attacks, stolen credit cards and selling DDoS-for-hire services.
19-year-old Bradley Jan Willem van Rooy (UchihaLS) from the Netherlands, has been charged with computer crimes associated with a series of distributed denial-of-service (DDoS) attacks, stolen credit cards and selling DDoS-for-hire services.
He was one of the members behind LizardSquad who was mainly responsible for launching the DDoS-attacks announced by the group. Also he was one of the two managers behind the Twitter account @LizardLands which is the main Twitter account of LizardSquad since January 2015. He was normally hiding behind his Twitter alias @UchihaLS (which stands for Uchiha LizardSquad) and the online aliases "UchihaLS", "Uchiha" and "Dragon".<ref name="motherboard" /><ref name="digitaltrends" /><ref name="nowloading" /><ref name="justicegov" />
He was one of the members behind LizardSquad who was mainly responsible for launching the DDoS-attacks announced by the group. Also he was one of the two managers behind the Twitter account @LizardLands which is the main Twitter account of LizardSquad since January 2015. He was normally hiding behind his Twitter alias @UchihaLS (which stands for Uchiha LizardSquad) and the online aliases "UchihaLS", "Uchiha" and "Dragon".<ref name="motherboard" /><ref name="digitaltrends" /><ref name="nowloading" /><ref name="justicegov" />

Revision as of 22:10, 26 April 2024

Lizard Squad
FormationAugust 18, 2014
TypeHacking
Membership
7

Lizard Squad was a black hat hacking group, mainly known for their claims of distributed denial-of-service (DDoS) attacks[1] primarily to disrupt gaming-related services.

On September 3, 2014, Lizard Squad seemingly announced that it had disbanded[2] only to return later on, claiming responsibility for a variety of attacks on prominent websites. The organization at one point participated in the Darkode hacking forums and shared hosting with them.[3][4]

On April 30, 2016, Cloudflare published a blogpost detailing how cyber criminals using this group's name were issuing random threats of carrying out DDoS attacks. Despite these threats, Cloudflare claim they failed to carry through with a single attack.[5][6] As a result of this, the British National Fraud Intelligence Bureau issued an alert warning businesses not to comply with ransom messages threatening DDoS attacks.[7][8]

Distributed denial-of-service attacks

A distributed denial-of-service (DDoS) attack occurs when numerous systems flood the bandwidth or resources of a targeted system, usually one or more web servers.[9] Such an attack is often the result of multiple systems (for example a botnet) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted.

Notable actions

Lizard Squad has claimed responsibility for launching a string of DDoS attacks against high-profile game-related services over the course of a few months in late 2014. On August 18, 2014, servers of the game League of Legends were taken offline with a DDoS attack; this was claimed as Lizard Squad's first attack.[10] Days later, on August 24, the PlayStation Network was disrupted via a DDoS attack.[11] On November 23, the group claimed they attacked Destiny servers with a DDoS attack.[12] On December 1, Xbox Live was apparently attacked by Lizard Squad: users attempting to connect to use the service would be given the 80151909 error code.[13] On December 2, Lizard Squad defaced Machinima.com, replacing their front page with ASCII art of their logo.[14] A week after, on December 8, Lizard Squad claimed responsibility for another PlayStation Network DDoS attack.[15][16] On December 22, though not game-related, Internet in North Korea was taken offline by a DDoS attack.[17] Lizard Squad claimed responsibility for the attack and linked to an IP address located in North Korea.[18] North Korean Internet services were restored on 23 December 2014.[19]

Christmas attacks

Lizard Squad had previously threatened to take down gaming services on Christmas.[20]

On December 25, 2014 (Christmas Day), Lizard Squad claimed to have performed a DDoS attack on the PlayStation Network and Xbox Live. On December 26, 2014, at 2:00 AM,[when?] Lizard Squad appeared to stop attacking PlayStation Network and Xbox Live. Gizmodo reported that the attacks may have ceased after Kim Dotcom offered Lizard Squad 3000 accounts on his upload service MEGA.[21]

Tor sybil attack

On December 26, 2014, a Sybil attack involving more than 3000 relays was attempted against the Tor network.[22] Nodes with names beginning with "LizardNSA" began appearing, Lizard Squad claimed responsibility for this attack.[23]

The relevance of the attack was questioned. According to Tor relay node operator Thomas White, the consensus system made that Lizard Squad only managed to control "0.2743% of the network, equivalent of a tiny VPS".[24]

Malaysia Airlines website attack

On January 26, 2015, the website of Malaysia Airlines was attacked, apparently by Lizard Squad, calling itself a "cyber caliphate". Users were redirected to another page bearing an image of a tuxedo-wearing lizard, and reading "Hacked by Cyber Caliphate". Underneath this was text reading "follow the cyber caliphate on twitter" after which were the Twitter accounts of the owner of UMG, "@UMGRobert" and CEO of UMG, "@UMG_Chris". The page also carried the headline "404 - Plane Not Found", an apparent reference to the airline's loss of flight MH370 the previous year. Malaysia Airlines assured customers and clients that customer data had not been compromised.[25]

Media reports around the world said versions of the takeover in some regions included the wording "ISIS will prevail", which listed concerns of Lizard Squad's association with the Islamic State.[25]

Daybreak Games DDoS

On July 9, 2015, game servers operated by Daybreak Game Company, including those of H1Z1 and PlanetSide 2, were disrupted by a DDoS attack that Lizard Squad claimed responsibility for.[26][27] The attack was performed in retaliation to legal threats John Smedley, the company's CEO, had made after being targeted by the hacking group.[28]

False claims

Bomb threats

On August 24, 2014, Lizard Squad claimed that a plane on which the president of Sony Online Entertainment, John Smedley, was flying (American Airlines Flight 362), had explosives on board.[29][30] The flight from Dallas to San Diego made an unscheduled landing in Phoenix, Arizona. Sony Online Entertainment announced that the FBI was investigating the incident.[30]

Facebook, Instagram, and Tinder attack

On January 26, 2015, several social media services including Facebook and Instagram were unavailable to users. Tinder and HipChat were also affected. Lizard Squad claimed responsibility for the attacks, via a posting on a Twitter account previously used by the group.[31] The outage, originally speculated to be a distributed denial-of-service attack, lasted a little under an hour before services were restored.[32][33]

Facebook later released a statement saying its own engineers were to blame, and that the disruption to its services was not the result of a third-party attack, but instead occurred after they introduced a change that affected their configuration systems.[34]

Explicit celebrity photos

On January 27, 2015, Lizard Squad claimed to have compromised Taylor Swift's Twitter and Instagram accounts. Once they claimed to have access, they threatened to release nude photos in exchange for bitcoins. Taylor Swift, however, retorted that "there were no naked pics" and told the offenders to "have fun" finding any.[35]

Conspiracy theory

On January 4, 2021, American lawyer and conspiracy theorist Lin Wood tweeted out baseless claims that a group of hackers named "the lizard squad" have evidence of a global sex ring involving several high-profile Americans, similar to the discredited conspiracy theory Qanon.[36] There seems to be no relation between the "lizard squad" mentioned by Wood and the black-hat hacking group Lizard Squad, and Vinnie Omari, a member of the Lizard Squad, denies any claim that his group may have information on a global sex-trafficking organization.[37]

Known members

Vinnie Omari

Vinnie Omari is a member of the Lizard Squad who was arrested and bailed under the alleged offences of "Enter into/concerned in acquisition/retention/use or control criminal property, Fraud by false representation - Fraud Act 2006, Conspire to steal from another, unauthorized computer access with intent to commit other offences". He was used as a public face on television and as a spokesperson for the news to represent LizardSquad.[38][39]

Julius Kivimäki

Julius Kivimäki (zeekill) is a Finnish member of Lizard Squad convicted in July 2015 on over 50,000 counts of computer crime.[40] In 2022, he was also suspected of the Vastaamo data breach, after having hacked around 50,000 psychotherapy patients' medical records and demanded ransoms for not publishing them.[41]

Zachary Buchta

19-year-old Zachary Buchta (fbiarelosers) from Maryland, has been charged with computer crimes associated with a series of distributed denial-of-service (DDoS) attacks, stolen credit cards and selling DDoS-for-hire services. He was one of the members behind LizardSquad and also the Co-Group "PoodleCorp" which launched distributed denial-of-service (DDoS) attacks against multiple networks, YouTubers and gaming services. Buchta was hiding behind the Twitter alias @fbiarelosers, @xotehpoodle, and the online aliases "pein" and "lizard".[42][43][44][45]

Bradley Jan Willem van Rooy

19-year-old Bradley Jan Willem van Rooy (UchihaLS) from the Netherlands, has been charged with computer crimes associated with a series of distributed denial-of-service (DDoS) attacks, stolen credit cards and selling DDoS-for-hire services. He was one of the members behind LizardSquad who was mainly responsible for launching the DDoS-attacks announced by the group. Also he was one of the two managers behind the Twitter account @LizardLands which is the main Twitter account of LizardSquad since January 2015. He was normally hiding behind his Twitter alias @UchihaLS (which stands for Uchiha LizardSquad) and the online aliases "UchihaLS", "Uchiha" and "Dragon".[42][43][44][45]

References

  1. ^ "How A Hacker Gang Literally Saved Christmas For Video Game Players Everywhere". Business Insider. Archived from the original on 17 January 2015. Retrieved 25 December 2014.
  2. ^ "Lizard Squad Hacker Collective Announces Disbanding". Softpedia News. Archived from the original on 29 June 2020. Retrieved 26 December 2014.
  3. ^ MalwareTech (December 2014). "Darkode - Ode to Lizard Squad (The Rise and Fall of a Private Community)". Archived from the original on 21 July 2015. Retrieved 4 August 2015.
  4. ^ Buncombe, August (15 July 2015). "Darkode: FBI shuts down notorious online forum and cracks 'cyber hornet's nest of criminal hackers'". The Independent. Archived from the original on 14 June 2020. Retrieved 4 September 2017.
  5. ^ Paine, Justin (29 April 2016). "Lizard Squad Ransom Threats: New Name, Same Faux Armada Collective M.O." CloudFlare Blog. CloudFlare, Inc. Archived from the original on 14 June 2020. Retrieved 17 May 2016.
  6. ^ Ashok, India (April 30, 2016). "Armada Collective impersonators now posing as Lizard Squad in DDoS scam". International Business Times. Archived from the original on 15 June 2020. Retrieved 17 May 2016.
  7. ^ Russon, Mary-Ann (May 3, 2016). "Fake 'Lizard Squad' DDoS demands hit UK businesses spurring police warning". International Business Times. Archived from the original on 30 June 2020. Retrieved 17 May 2016.
  8. ^ "Online extortion demands affecting businesses". Action Fraud. 29 April 2016. Archived from the original on 30 August 2018. Retrieved 17 May 2016.
  9. ^ Taghavi Zargar, Saman (November 2013). "A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks" (PDF). IEEE COMMUNICATIONS SURVEYS & TUTORIALS. pp. 2046–2069. Archived (PDF) from the original on 2016-08-17. Retrieved 2014-03-07.
  10. ^ Gilbert, David (August 26, 2014). "Who Are Lizard Squad - Isis-Linked Hackers or Trolls Making Bomb Threats?". International Business Times. Archived from the original on November 23, 2019. Retrieved December 23, 2014.
  11. ^ Zorabedian, John (August 26, 2014). ""Lizard Squad" hackers force PSN offline, and Sony exec from the sky". Naked Security. Archived from the original on July 21, 2020. Retrieved December 26, 2014.
  12. ^ Schmitz, Alex (November 23, 2014). "Destiny Gamers Facing Connection Errors, Servers DDOS'ed by the Lizard Squad". Gamechup. Archived from the original on December 29, 2019. Retrieved December 26, 2014.
  13. ^ McWherter, Michael (December 1, 2014). "Xbox Live having issues, hacker group claims responsibility for taking it offline [update]". Polygon. Archived from the original on June 8, 2020. Retrieved December 26, 2014.
  14. ^ "Sony hack: North Korea back online after internet outage". BBC Newsbeat. Archived from the original on 11 March 2015. Retrieved 23 December 2014.
  15. ^ "PlayStation Network Hacked 'By Lizard Squad'". Sky News. London. December 8, 2014. Archived from the original on April 9, 2016. Retrieved December 26, 2014.
  16. ^ Jones, Gary (December 9, 2014). "Sony confirm DDOS attack after Lizard Squad claim PSN 'take down' affecting PS4 and PS3: SONY have confirmed the Playstation Network was hit by a DDOS attack this week, affecting both the PS4 and PS3". Express. London. Archived from the original on January 30, 2015. Retrieved December 26, 2014.
  17. ^ "Sony hack: North Korea back online after internet outage". Ars Technica. Archived from the original on 9 June 2020. Retrieved 23 December 2014.
  18. ^ "North Korean Web goes dark days after Obama pledges response to Sony hack". Washington Post. Archived from the original on 9 July 2020. Retrieved 23 December 2014.
  19. ^ "Sony hack: North Korea back online after internet outage". BBC News. BBC. Archived from the original on 12 July 2020. Retrieved 23 December 2014.
  20. ^ "Xbox Live: Lizard Squad hackers promise DDoS attacks at Christmas". International Business Times. Archived from the original on 9 June 2020. Retrieved 25 December 2014.
  21. ^ "Kim Dotcom May Have Just Saved Holiday Gaming". Gizmodo. Archived from the original on 27 March 2019. Retrieved 26 December 2014.
  22. ^ "[tor-consensus-health] Possible Sybil Attack". "tor-consensus-health" mailing list. Archived from the original on 23 June 2019. Retrieved 26 December 2014.
  23. ^ "Hackers Who Shut Down PSN and Xbox Live Now Attacking Tor". Gizmodo. Archived from the original on 31 October 2019. Retrieved 26 December 2014.
  24. ^ TheCthulhu [@CthulhuSec] (26 December 2014). "Congrats to Lizard Squad people who with 3300 or so relays control 0.2743% of the network. Equivalent of a tiny VPS" (Tweet). Retrieved 26 December 2014 – via Twitter.
  25. ^ a b Malaysia Airlines website 'compromised' by 'cyber caliphate' Lizard Squad hackers Archived 2018-02-28 at the Wayback Machine, ABC News Australia, 26 Jan 2015
  26. ^ "Lizard Squad attacks PlanetSide 2, H1Z1, more". Eurogamer.net. 10 July 2015. Archived from the original on 19 April 2022. Retrieved 19 April 2022.
  27. ^ "Lizard Squad Brings Down H1Z1 and PlanetSide 2 Servers After Daybreak CEO Calls Out Hackers". GameRevolution. 10 July 2015. Archived from the original on 19 April 2022. Retrieved 19 April 2022.
  28. ^ "Harassed Dev Tells Lizard Squad Hacker "I'm Coming For You"". GameSpot. Archived from the original on 19 April 2022. Retrieved 19 April 2022.
  29. ^ "Who Are Lizard Squad - Isis-Linked Hackers or Trolls Making Bomb Threats?". International Business Times. Archived from the original on 23 November 2019. Retrieved 23 December 2014.
  30. ^ a b "Hackers Ground Sony Executive's Flight With Bomb-Threat Tweet". Forbes. Archived from the original on 12 January 2020. Retrieved 26 December 2014.
  31. ^ Lizard Squad, Facebook, Instagram, Tinder, AIM, Hipchat #offline #LizardSquad Archived 2015-01-29 at the Wayback Machine, Twitter, January 26, 2015
  32. ^ Hachman, Mark, Internet problems take out Facebook, Instagram, others; Lizard Squad takes credit Archived 2017-02-08 at the Wayback Machine, PC World, January 26, 2015
  33. ^ "Lizard Squad hackers claim to shut down Facebook and Tinder". Dazed Digital. Archived from the original on 2023-07-29. Retrieved 2023-07-29.
  34. ^ "Facebook says it caused fault that sent services offline". BBC News. 27 January 2015. Archived from the original on 27 June 2019. Retrieved 27 January 2015.
  35. ^ Esther, Lee (27 January 2015). "Taylor Swift's Social Media Accounts Hacked, Threatened With Nude Photo Leak: Read Her Response". US Weekly. Archived from the original on 27 August 2016. Retrieved 27 January 2015.
  36. ^ "Trump-aligned attorney says he's teamed with 'Lizard Squad' to prove Supreme Court harbors pedophiles". The Daily Dot. 2021-01-04. Archived from the original on 2022-03-29. Retrieved 2021-01-04.
  37. ^ "Pro-Trump Lawyer Lin Wood Is Doing a Helluva Job Convincing People He's Not Insane". www.vice.com. Archived from the original on 2022-03-07. Retrieved 2021-01-04.
  38. ^ "Krebs on security article on Lizard Squad". Archived from the original on 2 January 2020. Retrieved 30 January 2015.
  39. ^ "LizardSquad Statement to Vinnie Omari". Archived from the original on 2020-07-19. Retrieved 2016-11-18.
  40. ^ "Lizard Squad hacker convicted on 50,000 hacking charges". The Daily Dot. 7 July 2015. Archived from the original on 27 August 2019. Retrieved 13 April 2016.
  41. ^ "Tällainen on Julius Kivimäki, jota epäillään Vastaamon tietomurrosta". Iltalehti (in Finnish). Archived from the original on 2023-03-06. Retrieved 2023-02-28.
  42. ^ a b "Feds Accuse Two 19-Year-Olds Of Hacking For Lizard Squad and PoodleCorp". Archived from the original on 2016-11-18. Retrieved 2016-11-18.
  43. ^ a b "Feds arrest two alleged teenage members of Lizard Squad and PoodleCorp". 6 October 2016. Archived from the original on 18 November 2016. Retrieved 18 November 2016.
  44. ^ a b "Members of Hacker Groups PoodleCorp and Lizard Squad Arrested and Charged By the FBI". Archived from the original on 2016-11-19. Retrieved 2016-11-18.
  45. ^ a b "American and Dutch Teenagers Arrested on Criminal Charges for Allegedly Operating International Cyber-Attack-For-Hire Websites". Archived from the original on 2019-08-07. Retrieved 2016-11-20.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Lizard_Squad&oldid=1220945888"