The Lizard Squad, the hacking group most known for the Distributed Denial of Service, or DDoS attacks that it launches on video game networks, is apparently escalating its attacks toward bigger targets.
According to security researchers of Arbor Networks, the Lizard Squad has taken over thousands of CCTV cameras and webcams that are connected to the internet to be able to focus DDoS attacks on banks and websites of government departments.
The Lizard Squad DDoS group wrote the LizardStresser, a botnet that was released publicly by the Lizard Squad early last year that utilizes IoT devices to pile up the needed power for massive DDoS attacks.
The security company noted that the prime targets of hackers utilizing the LizardStresser are located in Brazil, with previous victims being two big banks, two telecommunications companies and two government agencies in the South American country.
LizardStresser attacks have also been launched against three big gaming companies based in the United States.
While the devices are nowhere near as powerful as a PC, amassing a collection of them will lead to enough power to take down secure websites. In one case that Arbor Networks monitored, an attack generated over 400 Gbps worth of traffic from several thousand sources and directed all of it to one target.
Why would the Lizard Squad choose to infiltrate CCTV's and webcams instead of breaking into PCs, which would require a much lower number of hacked devices to launch the same amount of traffic? The reason is that IoT devices are easy targets as they commonly have very little built-in security measures, along with reused and default log-in details.
In addition, customers who purchase such devices rarely install security patches sent out by manufacturers, which opens up the devices to the risk of being infected with malware that can be used for the Lizard Squad's DDoS attacks. Users may continue using the infected internet-connected devices, and would simply not be aware of its being used as a piece by hackers for their schemes.
Further research by Arbor Networks revealed that the devices contributing to DDoS attacks in the cases they studied mostly came from Vietnam, followed by Brazil. Almost 90 percent of the hosts utilized the NETSurveillance WEB interface, which is a generic code that powers webcams that can be accessed online.
The lesson behind all of this is that users should be informed about online security at all times, as you never know when your CCTV is contributing to the takedown of a website.
