Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Hacker Group Disrupts Video Game Service in DDoS Attack

“Lizard Squad” Knocks Video Game Servers of Blizzard Entertainment Offline

Servers operated by Blizzard Entertainment went down yesterday following a distributed denial of service (DDoS) attack against the video game company,claimed by the Lizard Squad hacking group. 

“Lizard Squad” Knocks Video Game Servers of Blizzard Entertainment Offline

Servers operated by Blizzard Entertainment went down yesterday following a distributed denial of service (DDoS) attack against the video game company,claimed by the Lizard Squad hacking group. 

The outage knocked the online function of several games offline, including World of Warcraft, Diablo 3, Starcraft 2, and Hearthstone, the notorious hacking group announced on Twitter. The group revealed attacks against both US and EU Blizzard servers, and suggested in a subsequent tweet that more similar attacks will be coming.

Although the company did not provide specific details on the affected services or games, Blizzard did confirm the attack, saying that the issue affected connection to games. However, the attack was mitigated fast and services were restored in roughly one hour. 

On its support forums, the company explained that the attack impacted one of its datacenters but that “engineers put up some buffers to resolve the issue, and realms should start recovering.” Blizzard didn’t provide additional details on the attack, yet some users suggested that the attack might have been orchestrated by the community behind the Nostalrius server, which was shut down recently, despite the lack of evidence to sustain the claim.

The Lizard Squad also claimed to have hacked into an employee’s Outlook account, which resulted in personal info and contact lists with information about other Blizzard employees being exposed.

The hacking group has been associated with a variety of high profile DDoS attacks, a series one against PlayStation and Xbox networks in December 2014, which brought both networks down on Christmas. Operating a DDoS tool available for hire, the Lizard Squad has inspired copycats, including a so-called Phantom Squad that threatened to disrupt gaming networks last Christmas. 

Given Lizard Squad’s involvement in DDoS attacks against gaming platforms, it remains to be seen what exactly determined the group to target Blizzard. 

As Ofer Gayer, senior security researcher at Imperva for the Incapsula product line, told SecurityWeek that gaming servers are a top target of DDoS assaults. Incidents involving gaming platforms have accounted for some of the largest and longest attacks on recent record, he said.

“Since online gaming platforms are highly sensitive to latency and availability issues, they’re ideal DDoS attack targets. Mitigating DDoS on game servers is a particularly complex task. Gamers are very sensitive to the impact on latency, so what may be considered negligible for most services, can be very frustrating for the gaming community. This can be affected by multiple factors, most prominently the distribution of scrubbing locations and TTM (time to mitigate).

“According to our own research, in the past two years alone, the number of DDoS attacks has actually gone up by 100 percent – that’s twice as many attacks this year as last year and they are increasing in the number attacks and rate of attacks.  In just the past three years, 45 percent of gaming sites were attacked, and 75 percent of them will get attacked again, as we’re seeing today,” Gayer concluded.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...