# Lizard Squad launches Tor 0day



## ChrisM (Dec 26, 2014)

If you are a Tor user it might be a good idea to pay attention to this. 

http://gizmodo.com/hackers-who-shut-down-psn-and-xbox-live-now-attacking-t-1675331908



> Uh oh. Lizard Patrol, the hacking group claiming responsibility for the Christmas attacks on PlayStation and Xbox Live, has announced a new target: Tor, the anonymous internet service.
> 
> 
> 
> ...


----------



## hzr (Dec 26, 2014)

There are no implications on tor anonymity at this time, because new relays are not permitted to exit.

Someone is misusing the word 0day badly.

Awful journalism all around.


----------



## Flapadar (Dec 26, 2014)

I had a check a while ago, and they're only relaying about 30kbps of traffic. 

https://trac.torproject.org/projects/tor/wiki/doc/badRelays

Not going to be an issue. If they start getting traffic people can just mark their relays as bad and move on with their life.


----------



## drmike (Dec 26, 2014)

Flapadar said:


> I had a check a while ago, and they're only relaying about 30kbps of traffic.
> 
> https://trac.torproject.org/projects/tor/wiki/doc/badRelays
> 
> Not going to be an issue. If they start getting traffic people can just mark their relays as bad and move on with their life.



Well, new relays get no traffic really for days.  Give them a week and they'll be getting a chunk of traffic.

Long have said this was an issue and why I don't support Tor anymore.  Just said it in past 48 hours on here.

This is far from the first time that lots of end nodes under an intent group. Ho hum.

As far as folks marking their relays as bad, unless Tor, leadership, etc. does this network wide, it won't matter to large percentage of folks who blindly use Tor.  Nothing stopping anyone from running Exit nodes that aren't easily identified as a malicious group activity.


----------



## hzr (Dec 26, 2014)

Flapadar said:


> I had a check a while ago, and they're only relaying about 30kbps of traffic.
> 
> https://trac.torproject.org/projects/tor/wiki/doc/badRelays
> 
> Not going to be an issue. If they start getting traffic people can just mark their relays as bad and move on with their life.


For some reason I don't actually think this googlecloud+aws capacity was legitimately paid for, and it's probably going to be terminated before it even gets close to hitting the 80+ days required for exit relays to get full trust


----------



## RTGHM (Dec 27, 2014)

I love how it's called a "0day" when all it is, is very simply a bunch of kids who carded a few servers and put tor relays up.  In addition, the "leader" who launched the big attack, Vinnie Omari is literally a 22 year old UK guy, whom I have his cell #, and he's a pretty chill guy. He only launched the attack because he's looking for a job and wanted to prove he know's what he is doing. 

If anyone heard the radio interview, I was laughing my ass off when Vinnie said "I have a 10 year old brother who said he couldn't play minecraft because everything was down and I told him _it'll probably be up soon* " *_the reporter responds with "you didn't have the balls to say I'm the idiot who took it down?"


----------



## k0nsl (Dec 27, 2014)

To prove what he's doing? I don't believe launching DDoS attacks is a complicated task or requires any particular "know-how", really. Anybody can do it. It's also illegal in most countries: so if he's longing to mop the floors of a prison somewhere in the UK, for a few quid a month (or whatever the pay-out rate is in the UK), then he's really doing a good job on _*"getting there"*_. Meh..



RTGHM said:


> I love how it's called a "0day" when all it is, is very simply a bunch of kids who carded a few servers and put tor relays up.  In addition, the "leader" who launched the big attack, Vinnie Omari is literally a 22 year old UK guy, whom I have his cell #, and he's a pretty chill guy. He only launched the attack because he's looking for a job and wanted to prove he know's what he is doing.
> 
> If anyone heard the radio interview, I was laughing my ass off when Vinnie said "I have a 10 year old brother who said he couldn't play minecraft because everything was down and I told him _it'll probably be up soon* " *_the reporter responds with "you didn't have the balls to say I'm the idiot who took it down?"


----------



## RTGHM (Dec 27, 2014)

He is on Sky News Network live at noon EST (5-6PM London, UK time). Launching DDoS isn't complicated at all - the matter of the fact is, he just bruteforced some servers, and uploaded a perl script to launch an attack. Skills required? None.

He is boasting how Sky News offered him a job while he was in the waiting room.



k0nsl said:


> To prove what he's doing? I don't believe launching DDoS attacks is a complicated task or requires any particular "know-how", really. Anybody can do it. It's also illegal in most countries: so if he's longing to mop the floors of a prison somewhere in the UK, for a few quid a month (or whatever the pay-out rate is in the UK), then he's really doing a good job on _*"getting there"*_. Meh..


----------



## k0nsl (Dec 27, 2014)

Did he accept the offer?  :lol:


----------



## Joshua-Epic (Dec 27, 2014)

LizardSquad is just asking for problems considering even larger hacking groups are now targeting them for their stupid decisions. In all honesty, how does taking down PSN and XboxLive get you anywhere? All your doing is pissing off a bunch of video gamers on the holiday. Thats about it. As far as Lizard Squad controlling Tor servers, as another user mentioned, they were probably paid for with bogus credit cards and fake information and will most certainly be shut down soon anyways.


----------



## GIANT_CRAB (Dec 28, 2014)

Oh yes. The news and media reported that they have hacked PSN and Xbox network using DDoS. They must be some really professional, scary and elite hackers. Oh look, they're probably going to get really buttmad after seeing my post here and dox me and give me some free publicity on their Twitter.


----------

