LulzSec. The C$%Ts that hacked Minecraft.net
-
Lulz Security, the hacking group apparently motivated by nothing more than their desire to laugh at the mayhem they cause, has had a busy day in an event they called Titanic Takeover Tuesday. Taking a break from their dumps of user data and server break-ins, today saw the group perform a bunch of distributed denial of service attacks against a range of targets.
First up—and still only intermittently available at the time of writing—was gaming magazine The Escapist, with no apparent reason for the attack. LulzSec boasted that taking down the site required just 0.4 percent of its DDoS capacity.
Next in line were the login servers for the game EVE Online. The effect of this attack was to bring down the EVE Online website at the same time, though LulzSec insists that this was not the actual target. In response to the DDoS, CCP Games, makers of EVE, have taken all their systems offline, for fear that they might be hacked. The company has also issued a statement to assure customers that their personal information remains secure.
The third target—and the only one for which the group has offered a rationale beyond "lulz"—is an IT security company named Finfisher. Their site was taken down, briefly, because "apparently they sell monitoring software to the government or some Griefers like that."
Gamers were once more in the crosshairs with the fourth target; more login servers, this time for Minecraft. Just as with EVE Online, going after the login servers also took out the game's website.
The pattern was repeated for the fifth target; login servers for the game League of Legends were knocked offline, a move which also brought down the game's website.
The result of all this? Lot of enraged gamers complaining about the downtime, and hence, many lulz for Lulz Security. Going after gaming targets hasn't made the group universally popular; posters on 4chan's /b/ forum, who might normally be sympathetic to lulz-motivated shenanigans, attempted to hunt LulzSec down. LulzSec dismissed the "/b/tards" as "damn furries," saying that they were the cream of the /b/ crop from 2005, distancing themselves from the /b/tards of today.
Article from http://arstechnica.com/tech-policy/news/2011/06/titanic-takeover-tuesday-lulzsecs-busy-day-of-hacking-escapades.ars
Basically a bunch of ass holes that don't deserve the carbon they're made up of and wasting valuable oxygen. -
The Escapist and LoL where only affected for extended downtime since they manually took their services offline as a precaution.
Everything else was just a short burst of DDOS attacks. -
-
Yes. Yes they can.
dubien
Umm can't these guys get in trouble with the law from doing this? -
Oh !! No Wonder LoL Extended The Maintenance Until This Friday .... Darn You Hackers D:<
-
Being attacked merely lifts the security level in the aftermath and thus, making them more secure against more nefarious hackers.
A la Playstation Network. -
-
-
DavH27
Being attacked merely lifts the security level in the aftermath and thus, making them more secure against more nefarious hackers.
A la Playstation Network.
In the case of a DDOS attack in which they're doing last night, they can easily portray that their managing it again and again.
With the tatic they employ [attacking http web servers] it will be hard to determine attacking traffic from legimate traffic, so unless they throw more bandwidth at it for a few bursts of a dos, there is not much they can do. -
They can lessen the effect by working out if IP's are connecting to the server with too many connections or at too fast an interval and banning that IP address for 24-48 hours. But that doesn't prevent the server from failing, it only helps lessen the impact(While it stops the server from wasting CPU time preparing PHP/etc to send to the banned IP's, it will still spend some CPU time on them).
-
Stucuk
They can lessen the effect by working out if IP's are connecting to the server with too many connections or at too fast an interval and banning that IP address for 24-48 hours. But that doesn't prevent the server from failing, it only helps lessen the impact(While it stops the server from wasting CPU time preparing PHP/etc to send to the banned IP's, it will still spend some CPU time on them).
From a botnet though, you won't really notice any visible difference, and you'll have a large database of IP's to check against to see if the IP is blocked especially from a large botnet, further wasting CPU time [Perhaps more than that was needed to execute the script.]
I'll admit, if this webserver or the minecraft server got DDOS'd via http from a large botnet, it'll overload, and there is not much I can do to to prevent it, sure you can limit max connections, but a botnet of 20k computers all connecting once in a small time period. How can you tell apart the real from the attacker? -
-
my daily dose of lulz. now i can be an upstanding citisen for the rest of the day.
-
These guys are just low life fags tet your right they are a waste of human oxygen and space.
-
I'd read up a bit on thier manifesto and what they say on Twitter and such before you go believing what the popular media wants you to thi.....er I mean...what the popular media 'report' on.
Anyways, for those that want to believe it, they believe they found the leader: http://twitter.com/#!/MrDavidHarrison/status/83152698228211712
Oh wait, no they didnt: http://twitter.com/#!/LulzSec/status/83164092998758400 -
-
Mulan
And they got one of them.
http://www.bbc.co.uk/news/technology-13859868
Wow, these guys are no life idiots. Do they actually think they can get away with this stuff? -
DavH27
I'd read up a bit on thier manifesto and what they say on Twitter and such before you go believing what the popular media wants you to thi.....er I mean...what the popular media 'report' on......
What a load of crap. The "hackers" are nothing but script kiddies with a sense of entitlement and an ego that does not match their skill level. Any idiot can buy a zombie network and do damage to online businesses. Any one reading "how to hack for dummies" can probably break into most government web sites and deface them.
Just because some nerd wrote a "manifesto" to try and justify their behavior, that does not make it alright.
If you really want to point out security weak points in a site or a network, then simply tell the admins of those sites/networks. Sometimes the admins don't listen or turn a blind eye, in that case, tell the admin's boss. Or, tell the CEO of the business.
You can't just run around a city tossing bricks through the front doors of businesses and say "see, look how weak the security is on that glass door".
These script kiddies need to grow the f**k up and realize they will be spending hard time in prison if they screw over enough people. Everyone can be found eventually. -
They didn't get one of them. They just arrested a kid who hosted one of their IRC servers...
[EDIT] I just realised the irony of what I am saying. I am saying to not believe the red-tops because they say what you want to hear, but what is the stop the owner of LulzSec Twitter account doing exactly the same...? Hmmm interesting.
M0 you have some valid points. The glass door one actually made me laugh out loud
-
Ryan was the one who about a year back spilled the beans on some of the users attacks. He was part of it. But seemed to disagree.
-
i dont understand why people do that kind of stuff and im glad that guy got caught
-
The Attention. There are proberly some groups which do it only to people who deserve it (Such as UbiSoft and there evil "Always online" system. People DDos'd there servers and proved how stupid there system was.) but the vast majority just do it for the attention.
CreepersWantHug
i dont understand why people do that kind of stuff and im glad that guy got caught
Look at me, im soo 1337 because i overloaded a server! -
-
-
Over? With today's mentality of some people, I doubt it's over. There'll just come someone new along.
