Christmas Hacking – The Aftermath

After the recent attacks on XBox Live and Playstation Network (and by effect, all online-only Console games), gamers have been crying for blood, pixelated or Lacertilian.

The first “Good News” came out of England, where one amygdala-challenged Vinnie Omari was arrested, and had his property searched under a warrant issued by Reading’s Magistrate Court, as part of an investigation for cyber-fraud against primarily Paypal, but also “Playstation Network and xBox Live over the Christmas period”.
This in no way means that “Security Analyst Vinnie Omari” is guilty, or even affiliated with Lizard Squad, and he is out on bail until a 10th of March hearing.

The South East Regional Organised Crime Unit (SEROCU) has arrested a 22-year-old man from Twickenham on suspicion of fraud by false representation and Computer Misuse Act offences.
The arrest yesterday (30/12) is in connection with an ongoing investigation in to cyber fraud offences which took place between 2013 and August 2014 during which victims reported funds being stolen from their PayPal accounts.
The arrested man was released on bail until 10 March.

SEROCU, December 2014

 

Out of Finland comes the news that Finnish 5-0, Keskusrikospoliisi, “interviewed” a 17-year-old known as “Ryan”, though no formal charges have been levelled at him. A person on Twitter identifying himself as “Ryan” has previously claimed to be a member of Lizard Squad, and at one point the “official” Lizard Squad Twitter account showed as being based in Finland.

The American Federal Bureau of Investigation (or FBI for short) has started an investigation into the Christmas Activities, according to an unnamed bureau spokesperson and VentureBeat’s GamesBeat.

Finn-Po are said to be working closely with the American Federales.

 

IT Security Professional Brian Krebs, of KrebsOnSecurity.com, went out of his way and dug into who the Lizard Squad is, finding that they are largely identical to another group named “Darkode”, and linking them to various websites and user-handles.
Krebs goes through his most recent discoveries here, for all to enjoy, but fair warning: you may want to stay away from some of the things linked in his article.

 

Sony Computer Entertainment’s first reaction seems to have been adding some packet filtering to their internet connections. Some people who continued to have issues were told to change the “MTU” (Maximum Transmission Unit) manually to either 1473 or even 1450. Depending on the router and the ISP, packets above a given size would be fragmented (split into 2 packets), and the fragments would then be filtered by the changes made on Sony’s end.

Fragmented packets are one way to overload a service, as it has to wait until it has all the fragments before processing them; attackers send millions of packet #1 and never send #2, resulting in the service buffering a lot of useless data. As each point on the internet can have a different MTU, some people were advised to contact their ISP for clarification.
Note: A subsequent message from Sony states that this was temporary, and recommends that people reset it to the default value (1500). The original message has been removed from Sony’s support pages.
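
The buffering problem described above can be seen in a small simulation of a receiver's fragment table. This is an added example, not code from Sony or from the original post; the `ReassemblyTable` class, the `simulate` helper, the 30-second timeout, the table cap and the sample addresses are assumptions made for illustration, and overlapping fragments are not handled.

```python
# Added illustration: toy IPv4 fragment reassembly table; limits are assumptions.
from collections import OrderedDict

class ReassemblyTable:
    def __init__(self, timeout=30.0, max_pending=None):
        self.timeout = timeout          # seconds an incomplete datagram may wait
        self.max_pending = max_pending  # None = unbounded buffering
        self.pending = OrderedDict()    # (src, ip_id) -> partial datagram, oldest first
        self.delivered = self.dropped = 0

    def expire(self, now):
        while self.pending and now - next(iter(self.pending.values()))["seen"] >= self.timeout:
            self.pending.popitem(last=False)   # oldest entry waited too long
            self.dropped += 1

    def receive(self, now, src, ip_id, offset, data, more_fragments):
        self.expire(now)
        if not data:
            return None                 # ignore empty fragments
        key = (src, ip_id)
        entry = self.pending.get(key)
        if entry is None:
            if self.max_pending is not None and len(self.pending) >= self.max_pending:
                self.dropped += 1       # table full: refuse to buffer more
                return None
            entry = self.pending[key] = {"seen": now, "frags": {}, "total": None}
        entry["frags"][offset] = data
        if not more_fragments:          # the last fragment reveals the full length
            entry["total"] = offset + len(data)
        pos = 0
        while pos in entry["frags"]:    # walk contiguous fragments from offset 0
            pos += len(entry["frags"][pos])
        if pos != entry["total"]:
            return None                 # still waiting for a missing piece
        del self.pending[key]
        self.delivered += 1
        return b"".join(entry["frags"][o] for o in sorted(entry["frags"]))

    def buffered_bytes(self):
        return sum(len(d) for e in self.pending.values() for d in e["frags"].values())

def simulate(table, orphans, frag_size=1480):
    junk = b"\0" * frag_size            # constructed payload
    for i in range(orphans):            # "packet #1" only; "#2" never arrives
        table.receive(0.0, "198.51.100.%d" % (i % 250), i, 0, junk, True)
    peak = table.buffered_bytes()
    later = table.timeout + 1           # a genuine two-fragment datagram, after expiry
    table.receive(later, "192.0.2.10", 7, 0, b"A" * 1480, True)
    whole = table.receive(later, "192.0.2.10", 7, 1480, b"B" * 20, False)
    return peak, whole
```

With no cap, 10,000 orphaned first fragments hold about 14.8 MB until the timeout; with `max_pending=100` the table never holds more than 148,000 bytes. The cap also refuses genuine fragmented datagrams that arrive while the table is full, which is the same trade-off behind the MTU advice above.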

 

The other thing Sony is doing is giving all PS+ owners (incl. trial users) 5 days of free PS+ access. A relatively simple compensation, yet some are already whining that 5 random days do not equate to the gaming time they lost during the holidays, or to having to spend time with family-members. Contractually (at least per the Terms of Service), Sony wasn’t required to compensate for these days, so this is at least a step up from what they COULD have chosen to do (i.e., nothing), and the 5 days are estimated to equate to ca. 5 million USD.

For non-PS+ players playing games like Warframe, there is a more generic compensation of a 10% discount on a single cart on the Playstation Network Store at some point in the near future. A bit of a slap in the face perhaps, though one can only wonder what Digital Extremes, Edge of Reality and the other companies with online-only F2P games on PSN are getting in compensation for lost business; naturally, they opted to use platforms where the platform-provider (PSN/Live) acts as a single point of failure, by design, for all online gameplay.

From Microsoft, we didn’t see any compensation for loss-of-holiday-gaming, at the time of compiling this.

 

Final note: If you use Microsoft Live, or Playstation Network, even if no information was stolen, we would like to recommend that you change your password(s), just for good measure.