Sony hackers hacked. Lizard Stresser database leaked online with credentials in plaintext

January 19, 2015  By Pierluigi Paganini


Database of the Lizard Stresser DDoS tool proposed by the Lizard Squad was leaked on like revealing that the group stored client’s credential in plaintext.

Last week the another alleged member of the popular Lizard Squad was arrested by UK authorities, the British Police in collaboration with the FBI identified a 18-year-old boy that is suspected to have participated to the to the DDoS attacks on the PlayStation Network and Xbox Live services.

The Lizard Squad was advertising a DDoS hacking tool, Lizard Stresser, that the team was offering for rent to its customers. The Lizard Stresser tool is a powerful DDoS tool that draws on Internet bandwidth from hacked home Internet routers worldwide.

Now is circulating on the Internet the database of customers for the Lizard Stresser, the entire archive containing the list of clients of the Lizard Squad. The experts believe that the DDoS-for-hire service has been breached, and bad actors leaked online details on more than 14,241 users.on more than 14,241 users.

Lizard Stresser 2

The popular security experts Brian Krebs, who analyzed the archive, discovered that customers’ data were stored in plain text, and that clients have deposited nearly $11,000 in Bitcoins to run DDoS attacks on thousands of Internet addresses.

“In an unrelated development, not long after this publication broke the news that the Lizard Squad’s attack infrastructure is built on a network of thousands of hacked home Internet routers, someone hacked LizardStresser[dot]su, the Web site the group uses to coordinate attacks and sell subscriptions to its attacks-for-hire service. As I noted in a previous story, the attacks on Microsoft and Sony were merely meant to be commercials for this very “stresser(a.k.a.booter”) service, which allows paying customers to knock any Web site or individual offline for a small fee.” wrote Krebs.

Lizard Stresser database

Brian Krebs speculated that the attack on Sony PSN network and Xbox Live service allowed Lizard Squad to promote LizardStresser Stresser, but the data breach could have definitely compromised the business of the hacking crew.

Pierluigi Paganini

(Security Affairs –  LizardStresser , data breach)



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Verizon FiOS app flaw exposes 5 Million Customers' accounts

 Security expert discovered a critical flaw in Verizon's FiOS mobile app that could be exploited to access the email account...