Lizard Squad Member Said Group Provided Log-Ins Used In Sony Attack
An administrator of Lizard Squad, the anonymous hacking group that claimed credit for last week’s attacks on Sony’s PlayStation Network and Microsoft’s Xbox Live, says in an interview that the group provided the hackers behind the massive cyber attack on Sony Pictures with log-in information from “a couple” of Sony employees, information used in the initial attacks that exposed a vast trove of sensitive corporate data.
Separately, cybersecurity firm Norse announced the results of its own unofficial investigation into the Sony hack. The company, which first spotted the computer break-in last month, identified six people, including a laid-off former tech specialist who’d worked a decade at the company, as having “direct involvement in the attack.” Others involved were from Canada, Thailand and Singapore.
The FBI has blamed North Korea’s leaders for ordering the attack after they became angered with The Interview, a Sony comedy that features the assassination of North Korean autocrat Kim Jong-un, but many outside technical observers speculated that the scope and extended duration of the Sony Pictures attack required someone to have insider connections to Sony systems. Norse said it would turn over its findings to the FBI today.
As for the Lizard Squad, “Cleary” said its members know some of the members of Guardians of Peace, the group claiming responsibility for the Sony Pictures attack, but his group had little to do with the attack other than providing the log-ins.
“Cleary” also said the PlayStation Network/Xbox Live attacks were designed to spotlight security weaknesses in the two networks, which are used by millions of gamers to play each other, to buy or stream films and TV shows, and to share content they’ve created.
Lizard Squad had warned a month ahead of time that it would attack PSN and Xbox Live, but had no problems taking down the systems when it came time. That ease, “Cleary” wrote, tells “quite a bit” about the companies’ commitment to security.
“It tells you how much money they’ve put into securing their systems,” wrote “Cleary.” “Not having people take down your business-critical systems like this should be one of your top security priorities. Which it clearly isn’t.”
The Lizard Squad used distributed denial-of-service attacks to prevent gamers from signing in. With such attacks, a network of computer servers sends massive amounts of traffic to a site, overwhelming its ability to let legitimate users in. “Cleary” said Lizard Squad was sending 1.2 terabits per second, a massive amount of information, at the PSN/Xbox Live networks during the attacks.
“Cleary” said Sony has since hired a large firm specializing in defending against such DDoS attacks, but that Lizard Squad had been unable to detect any changes at Microsoft.
Prominent computer-security writer Brian Krebs wrote on his blog, identifying two young European hackers who gave interviews Friday to the BBC as alleged members of Lizard Squad. Krebs identified one as a U.K. “security consultant” named Vinnie Omari, 22. The other was a 16-year-old from Finland identified as Julius Kivimaki, who had been arrested a year ago for running a huge “botnet” of 60,000 hacked servers (the kind used in DDoS attacks).
The group largely called off its attacks on Sony and Xbox by Sunday, after online activist and MegaUpload founder Kim DotCom provided them with $300,000 worth of vouchers for his content-hosting service. According to Krebs, Omari subsequently surfaced on a hacker site looking to sell off some of the vouchers and make a profit from the Sony attack.
Since ending the Sony/Xbox attack, Lizard Squad said both in the interview and in tweets that it has been probing vulnerabilities in the Tor network of anonymous email servers. The Tor service is used by many, including human-rights activists, to avoid government or other surveillance of their communications.
“Cleary” also said the group went “a bit too far” when it tweeted in August that explosives might be on a plane carrying John Smedley, president of Sony Online Entertainment. The plane was diverted from San Francisco to Phoenix and escorted to the ground by fighter jets. The incident happened after another distributed denial-of-service attack on PlayStation networks that month.
“Ryan Cleary” told the Washington Post reporter, Brian Fung, that most of the group lived in the European Union or Eastern Europe, and that “law enforcement really isn’t that big of a deal for us here.”