Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Games

Hacker Taunts Blizzard After Knocking Gamers Offline (csoonline.com) 99

Reader itwbennett writes: A person nicknamed AppleJ4ck, who has been previously been linked to Lizard Squad, a group notorious for DDoS attacks against gaming platforms, including the PlayStation Network and Xbox Live, has taken credit for server outages affecting gaming giant Blizzard (Alternate source: ZDNet) Monday morning. The outages led to authentication lockouts for gamers attempting to access Overwatch, Hearth Stone, World of Warcraft, Diablo, Heroes of the Stone, and others. During the outage, AppleJ4ck said Monday's problems were just a test, promising more outages in the future.
This discussion has been archived. No new comments can be posted.

Hacker Taunts Blizzard After Knocking Gamers Offline

Comments Filter:
  • DDOS is lame (Score:5, Insightful)

    by KlomDark ( 6370 ) on Monday June 20, 2016 @10:32AM (#52352233) Homepage Journal

    Never had any respect for lamers who just do DDOSs. That's not hacking, it's just being annoying. Doesn't take any special skills.

    It's nothing like breaking through some code or router or something that actually proves that you are of elite intelligence.

    Breaking directly into Blizzard is one thing, but just snowing them under with myriad packets just isn't impressive.

    Find something else to do with your life.

    • > Doesn't take any special skills.

      Depends on who you are attacking. Anyone who could find a weak point in AWS and take down a whole datacenter, would be impressive and quite scary.

      Sure, renting a bunch of zombie machines and doing DDOS is nothing special, but rolling up your own malware (or just convincing a shit load of people to help you) is much more impressive.

      Note: by impressive, I mean likelihood of a SWAT team to come down and bust your ass.

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      I've said it before and I'll say it again.

      DDOSing is the online equivalent of the 3 stooges getting stuck in a door.

      Morons like that deserve to be smacked across the face, at minimum. Doing it on purpose to keep others out deserves what another AC said - to be skinned alive on public display to inform others of what they can expect for themselves if they want to be "cool" like that. I do not believe in reforming people who are willfully malicious. Snuff them out.

  • by DogDude ( 805747 ) on Monday June 20, 2016 @10:37AM (#52352261)
    This is going to keep happening, because the Internet was never, every designed for something like this. Security is near impossible, because it was designed to be an OPEN system, not a closed one, with security everywhere. Like it or not, the Internet is going to continue to break in bigger and bigger ways.
    • Re: (Score:3, Interesting)

      It may have been designed to be open, but in practice it suffers a deep mono-culture of protocols (DNS and DHCP) and a lack of redundancy, especially at the proverbial "last mile", where the ISP can 'drop anchor' on your connection on a whim. It is still not an ad hoc network, which it needs to be if it is to be truly open, and if you want to keep it from breaking.

    • If AS owners were filtering the traffic in and out, it would reduce this kind of attacks.

      By filtering I mean that if a packet goes out, it has to originate from an IP of the AS; and if a packet goes in, it cannot come from an IP on the inside.

      This would effectively anihilate a type of DDOS I will not describe here for obvious reasons.

      But AFAIK, the infrastructure cost is not worth it ... yet ?

    • > This is going to keep happening, because the Internet was never, every designed for something like this.

      All it'll actually take is ISPs to actually implement egress filtering. Pretty much every major DDoS method out there requires forged packets to execute. Deny them that and the problem goes away.

  • Didn't affect me (Score:3, Interesting)

    by The-Ixian ( 168184 ) on Monday June 20, 2016 @10:42AM (#52352297)

    I played WoW pretty much all weekend and did not encounter any issues.

    Hopefully apple jack continues to throw this level of expertise at the "real" attack.

    • by Mashiki ( 184564 )

      Keep in mind that WoW and Overwatch use a whole pile of different data centers. Personally? I hope Blizzard comes after them with everything they can gather and sue the shit weasel into the ground.

    • Same here, no issues all weekend on both WoW and Overwatch.
  • How about... (Score:2, Insightful)

    by Lumpy ( 12016 )

    Game makers stop with the fucking cloud required crap?

    Let me run my own damn server, and authentication so I can just play it? Stuff that in your bunghole.

    • Re:How about... (Score:5, Insightful)

      by Gojira Shipi-Taro ( 465802 ) on Monday June 20, 2016 @10:53AM (#52352387) Homepage

      I don't think you understand what "MMO"s are.

      This isn't a case of people not being able to play single player games. Not even a case of people not being able to play something that could be reasonably hosted by individuals, such as Quake ][.

      Multiplayer games do have a huge audience for which much of the appeal lies in the service having huge numbers of other players. I don't play any of them anymore, but I can see how this could be a problem for a large number of people.

      • by Anonymous Coward

        I don't think you understand what "MMO"s are.

        This isn't a case of people not being able to play single player games. Not even a case of people not being able to play something that could be reasonably hosted by individuals, such as Quake ][.

        Multiplayer games do have a huge audience for which much of the appeal lies in the service having huge numbers of other players. I don't play any of them anymore, but I can see how this could be a problem for a large number of people.

        As far as it being a problem, consumers can obtain some pretty incredible upload speeds these days, so I fail to see why you could not break apart the hosting burden (ala P2P/torrent) across those players who have the bandwidth and hosting horsepower to handle a "chunk" of that.

        Of course, this would also require finding a reasonable ISP who doesn't try and ass-rape you with usage caps or other bullshit restrictions that would mandate a higher-priced "business" account. Sadly, that could be a larger challen

        • by Calydor ( 739835 )

          Because the instant you allow hosting on one of the clients you make it a LOT more likely that some kind of hack (as in god mode, wallhacks and such) is going to be deployed.

          If you 100% control the server it is far less likely.

          As an example, in WoW's early days the server trusted client information too much resulting in people running around at insane speeds. Glide, I believe the hack was called. Imagine how that would go down if a random player had actual access to the server information.

        • As far as it being a problem, consumers can obtain some pretty incredible upload speeds these days

          Most services have a high download rate and a low upload rate. Additionally, many services provide burstable connectivity which is horrible for hosting gaming servers.

          I really don't see the need to host your own server in today's wide availability of servers. Gaming companies don't cater to the minority, they cater to the majority because that's what makes the games lucrative and stable.

          There are still indie companies out there that make games where you can self host (such as Rust) but the cost of hardware

        • by cfalcon ( 779563 )

          If you want to play on a private server, go ahead. There's plenty of them.

          But if you want to play on a full Blizzard server, then you need a whole datacenter tracking MANY players, that's multiple machines, not just one, all interconnected. That's the world of warcraft- millions of players who can communicate instantly, and interact in game instantly. The reason everyone is connecting to these datacenters is because they provide a service you can't repeat locally. It's not about upload bandwidth, it is

          • If you want to play on a private server, go ahead. There's plenty of them.

            But if you want to play on a full Blizzard server, then you need a whole datacenter tracking MANY players, that's multiple machines, not just one, all interconnected. That's the world of warcraft- millions of players who can communicate instantly, and interact in game instantly. The reason everyone is connecting to these datacenters is because they provide a service you can't repeat locally. It's not about upload bandwidth, it is about latency, and a distributed network is inherently terrible at that. It is very much about processing power, and RAM, and these are serious machines all hooked together doing that to support that many players.

            Just think about designing it for a second- if I move my character from X to Y, on the live system my client tells the wow server what I did, which validates it (so I'm not teleport hacking), updates its internal state, figures out which players are close to me, and then sends data needed to draw my character to them. This means that your client doesn't need to know the whole of the world, it just needs the section you can see, etc.

            Now try this distributed. Every distributed node needs a constant copy of the world, and all must be in sync. You need a way to figure out how to resolve disputes, and if some of the nodes are compromised you need to find a way to figure that out. You have the same problems that bitcoin does, but you need to do it instantly and simultaneously. It's laughable.

            WoW is divided into shards. Each shard might have a few thousand client subscriptions of which only a few hundred are online at any time. Most MMOs operate this way. What this means is that millions of WoW players do not interact in the same world, and they cannot even chat between the different shards. In fact the only place all WoW players can interact together is on the Community Forum.

            If you want a real MMO experience where all* the players are in the same persistent, real time, game instance (sing

            • by cfalcon ( 779563 )

              > WoW is divided into shards.

              This is technically true, but read on!

              > What this means is that millions of WoW players do not interact in the same world

              They absolutely do. I can send you a tell from any server. I can invite you to party from any other server, and then you will phase into my server immediately. The only exception? If I'm a lower level than you by a lot, then I will instead phase onto your server (no matter who did the invite: prevented from people making world hopping alts- o

      • by Anonymous Coward

        I don't think you've played modern MMOs recently.

        The "massively multiplayer" part is a joke. Everything is instanced off and you have large, empty zones that might as well be single player.

        There's no reason not to let people host the instances themselves just like old Quake II servers, since pretty much all a modern MMO does is have a bunch of players run around a given map. Hell, they'll even teleport you to the map rather than require you to go there in the game world, and automated match-making means you

      • Can you tell me why single player Diablo 3 needs to be connected? Especially considering that the connection, which only updates the chat, keeps going down so often. I can play WoW, WoT, STO, etc all day but get kicked off of D3 regularly.

      • I don't think you understand what "MMO"s are.

        If I could play WoW solo or have my own server & only play with friends, I'd probably get back into it again.

    • Give me DRM free games any day!

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Monday June 20, 2016 @10:50AM (#52352361)
    Comment removed based on user account deletion
    • ...figure out the ping command. Sending packets? Only a mastermind.

      Oh? Did you have first hand knowledge of the attack to base your comments on the fact that someone read the man page for ping? Or maybe DDOSing can be done in a wide variety of attacks ranging from the fairly lame (ping) to the far more advanced (e.g. NTP Reflection). Or do you actually think a bunch of computers running ping are able to bring down a large high bandwidth datacentre, in which case pot meet kettle.

    • by Maow ( 620678 )

      ...figure out the ping command. Sending packets? Only a mastermind.

      There's a lot more to modern DDoS attacks via amplification / reflection [akamai.com] than a bunch of ping packets (from 2013):

      Recently, DDoS attacks have spiked up well past 100 Gbps several times. A common move used by adversaries is the DNS reflection attack, a category of Distributed, Reflected Denial of Service (DRDos) attack. To understand how to defend against it, it helps to understand how it works.

      100 Gbps is staggeringly large and nearly impossible to defend against. "Well past 100 Gbps" is mind boggling. Di

      • by Bengie ( 1121981 )
        100Gb is nothing these days. We now have 32Tb/s trunk lines with 400Gb/s channels, soon 1Tb/s channels. Core routers rated in petabits per second. 100Gb just doesn't seem like a lot.
  • by stealth_finger ( 1809752 ) on Monday June 20, 2016 @10:52AM (#52352385)
    DDoS isn't hacking.
  • The outages led to authentication lockouts for gamers attempting to access Overwatch, Hearth Stone, World of Warcraft, Diablo, Heroes of the Stone, and others.

    Looking forward to seeing if it's any good.

  • by Anonymous Coward

    No, just another poser s'kiddie. But that's the only kind you get on /. these days. You just know where the editor's sympathies are.

  • Heroes of the Stone? Wow - can't wait for this new game!

    And isn't the 'others' really just Starcraft...? (If you clump the Warcraft games in with WoW.)
  • by JustNiz ( 692889 ) on Monday June 20, 2016 @01:05PM (#52353719)

    OK so you have managed to build a botnet large enough to give you the potential to apply pressure to change the world in some small way, and the best you can come up with is to ruin the weekend for a few kids by disrupting traffic to some game servers? Pathetic, just Utterly Pathetic.
    Thats the real trouble with Lizard Squad and all the other DDOS skript kiddies these days. They have zero fucking style or imagination.

  • by Yvan256 ( 722131 ) on Monday June 20, 2016 @01:14PM (#52353795) Homepage Journal

    With a name like AppleJ4ck, it does tell us that he's part of a team. Expect more hacks from Flutt3rShy, P1nkieP1e, R4riTy, Rainb0wD4sh and Tw1l1ghtSp4rkle.

Children begin by loving their parents. After a time they judge them. Rarely, if ever, do they forgive them. - Oscar Wilde

Working...