Lizard Squad’s cyberattack tool hacked, customer details leaked

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Lizard Squad, the hacking group that took down Xbox Live and PlayStation Network on Christmas day and then tried to sell its tools to people on the internet, has been hacked itself.

An American journalist claims to have accessed a customer database for LizardStresser, the tool that the group claims can give customers the ability to execute similar hacks to the one that took down Xbox and Sony’s online gaming networks.

Brian Krebs, an American security journalist, has been active in engaging with the group since the Christmas hack and didn’t say where he got the documents from.

The group charged between $6 and $500 in bitcoin to use the tool for varying amounts of time. It is thought that the cyberattacks on the gaming networks — which took some functionality down for almost a week through a distributed denial of service attack — were advertising for the tool.

Krebs has said that the tool runs on hacked home network routers.

It is the second setback for the group in a week, after a teenager was arrested on Friday in connection with the hacks.

All of the login details for users were stored in plain text, Krebs claimed, which means that they can be read easily if the database is found.

The documents show that the tool attracted “more than 14,241 registered users, but only a few hundred appear to have funded accounts at the service”, Krebs claims. But paying customers deposited more than $11,000 in bitcoins with the group, he said.