Lizard Squad back to blast Blizzard’s gaming hub

Lizard Squad has hit gaming firm Blizzard’s servers with a massive DDoS attack.

Blizzard's Battle.net services were left intermittently unavailable as a result of the assault, the latest in a long line of hacking attacks against gaming firms by the notorious black hat hacking crew. Blizzard confirmed an attack in the earlier hours of Thursday morning before saying the issue had largely been resolved two hours later, in messages sent through Blizzard’s official customer support Twitter feed.

Lizard Squad claimed responsibility for attacks against Blizzard as well as attacks against World of Warcraft and other gaming outfits early on Thursday morning. There’s no confirmation but circumstances suggest each was targeted with Lizard’s Squad’s so-called stresser.

The black hat group infamously attacked the PlayStation and Xbox Live networks in the run up to Christmas 2014 shortly before launching a DDoS for hire service.

Arrests and convictions since then caused the group to go quiet for some time but now it’s back, possibly with a new line-up. DDoSers go after gaming firms partly because they are gamers themselves, which makes them aware of the environment and exposes them to DDoS (AKA booter) services, and partly because gaming services are emotive targets that help miscreants achieve notoriety.

Chris Boyd, a senior malware intelligence analyst at Malwarebytes and avid gamer, told El Reg that the latest DDoS attacks might be a smokescreen for a more dangerous attack.

“While DDoS attacks are an inevitability in gaming circles, the bigger problem here appears to be the compromised email address screenshots currently in circulation,” Boyd explained. “Apart from the possibility of personal information being harvested and used for other types of attack, it's a perfect diversionary tactic ensuring gaming companies shift resources to deal with the possibility of their inner network being taken over.

“Would the decision-makers at Blizzard be more inclined to tackle anything related to email (or related) breaches first, or a DDoS which would inevitably subside? The risk to customer data would be greater by focusing on the DDoS, which inevitably leads to longer delays in getting the games back online. Not an ideal situation, and Blizzard could catch heat regardless of what they decide to do,” Boyd concluded. ®