Hacked Wi-Fi Routers Causing Latest Lizard Squad Attacks

Notorious hacking group Lizard Squad has apparently been using unsecured home internet routers to power its LizardStresser service, new research has discovered.

LizardStresser, which offers paying customers the chance to take down websites using DDoS (Distributed Denial of Service) attacks, was reportedly run by the group as part of a widespread ‘marketing campaign’ for Lizard Squad.

Hackers were easily able to gain access to thousands of routers in homes, universities and businesses due to users not changing their factory passwords, instead relying on combinations such as ‘admin/admin,’ or ‘root/12345’.

The hack affected routers across the globe, with internet users now being urged to change the default credentials on their home router – including the user name and password – as well as encrypting the connection if they are using a wireless router.

Taken down

The information was uncovered by noted security blogger Brian Krebs on his KrebsOnSecurity site, which worked with a group of researchers associated with law enforcement officials and ISPs to help take infected systems offline, and thus disrupt the LizardStresser botnet.

Lizard Squad, which was behind the attacks on Sony’s PlayStation Network and Microsoft’s Xbox Live servers over the Christmas period, charged customers anywhere between $6 and $500 to use the service depending on the scale of the target (see picture above).

KrebsOnSecurity was one of the first sites taken down in 2015 by a series “large and sustained” DDoS attacks, one of 17,439 attacks or boots run by LizardStresser to date.

According to Krebs, the malware used by Lizard Squad to build its network of “stresser bots” has been online since early 2014, and can affect commercial routers at universities and companies as well as homes.

“In addition to turning the infected host into attack zombies, the malicious code uses the infected system to scan the Internet for additional devices that also allow access via factory default credentials, such as ‘admin/admin,’ or ‘root/12345’,” wrote Krebs.

“In this way, each infected host is constantly trying to spread the infection to new home routers and other devices accepting incoming connections (via telnet) with default credentials.”

Poor Wi-Fi routers

The news follows a similar warning from antivirus provider Avast last December, which warned that the security of home routers is often shockingly behind modern standards.

Speaking to TechWeekEurope, company COO Ondrej Vlcek said that Wi-Fi routers were facing a range of attacks as hackers look to go after smaller targets, with recent research carried out by Avast finding that nearly three out of four internet-connected households in the UK was at risk of getting attacked through their wireless router.

Commenting on the latest attack, Vlcek said Lizard Squad’s use of hundreds of thousands of home routers to power their service proves how vulnerable home routers currently are and to what extent they can be abused.

“The target is not the routers themselves, they are simply used as a means to reach the ultimate target. We have identified critical vulnerabilities in many of the world’s most used routers and it’s frightening to think that hackers have access to an army of routers spread all over the world that they can take control of via botnets to launch massive DDOS attacks against major sites. This is just the beginning of router hacking and it is therefore vital that people properly protect themselves.”

What do you know about Internet security? Find out with our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

Microsoft Faces UK Probe Over Inflection Staff Hiring

Poaching staff? UK's CMA regulator confirms phase one investigation of Microsoft's “hiring” of former Inflection…

1 hour ago

Elon Musk To Relocate SpaceX, X HQ To Texas

Leaving California. Elon Musk protests new gender-identity law, says he will move headquarters of SpaceX…

2 hours ago

Hackers ‘Publish Walt Disney Internal Slack Data’

Hackers reportedly publish data from thousands of Disney internal Slack communications, including data on strategy…

1 day ago

Apple Shares Reach All-Time High On AI Optimism

Apple shares surge after Morgan Stanley rates company 'top pick' over AI plans and says…

1 day ago

Musk Confirms Robotaxi Delay For Design Change

Elon Musk confirms delay of Tesla robotaxi launch as company's shares surge after he publicly…

1 day ago

Silicon UK In Focus Podcast: The Value of Data

Discover the transformative power of data in our latest podcast. Learn how leveraging data can…

1 day ago