Η team LizardSquad, που χτύπησε το Xbox Live και το PlayStation Network over Christmas, revealed that their motivation was to go public with the website designed to allow anyone to pay to hit websites on the internet.
Brian Krebs of KrebsOnSecurity, who has been investigating the team for quite some time, he says that the DDoS tool they use draws most of the network bandwidth from hacked routers located on homeα σε όλο τον κόσμο. Το λάθος των ιδιοκτητών αυτών των routers; Το ότι χρησιμοποιούν τα εργοστασιακά προεπιλεγμένα ονόματα χρηστών και κωδικούς πρόσβασης.
Krebs reports that their botnet LizardSquad is not completely dependent on home routers. It also uses commercial university and business routers as well as other devices.
His research shows that the malware isn't just targeting routers for attacks, but is scanning the internet for more devices using factory default settings. This means it is constantly on the lookout for more routers and other devices to infect, which could be anything from PCs and servers to connected cameras.
Krebs also said the previous attempt by LizardSquad to create a botnet to disrupt the Tor network attempted to buy thousands of Google cloud computing services using stolen credit cards. Google quickly realized the effort and closed their accounts.
A Google spokesperson told Krebs: "We are aware of these reports, and have taken appropriate action." The data of the system can be found at Pastebin and mailing list of the Tor project.
For everyone do not like the idea of using their connection to DDoS attacks, the existence of the LizardSquad botnet is a timely reminder to make sure you have changed your router's username and password from the factory settings.