LulzSec targets EVE Online, Minecraft, Escapist, League of Legends [Update]

LulzSec, the hacker group behind a string of recent attacks on game companies, has now targeted EVE Online, Minecraft, and the gaming Web site The Escapist. Minecraft is back online, but the other two remain down.

53

[Update] The group has now targeted League of Legends, bringing down the login servers and (apparently inadvertently) the Web site. The group says this "concludes" today's DDOS attacks, but we'll keep an eye out for any more shenanigans.

[Original Story] Hot off the heels of yesterday's Bethesda attacks, hacker group LulzSec has targeted more online games and even a gaming site. The group has claimed responsibility for attacks today against EVE Online, Minecraft, and gaming site The Escapist.

EVE Online was the apparent victim of a DDOS attack, which wiped out both the login server and the Web site. As of the time of writing, both are still unavailable. Minecraft, meanwhile, is back online according to creator Markus Persson (aka "Notch"). The Escapist is currently still down with a 403 error.

Of course, as services are restored it's smart to change your passwords for the affected sites, along with any other sites that you use similar login credentials for. LulzSec is already hinting at another attack in the works, so we'll update as new developments occur.

Editor-In-Chief
From The Chatty
  • reply
    June 14, 2011 1:00 PM

    Steve Watts posted a new article, LulzSec targets EVE Online, Minecraft, Escapist.

    LulzSec, the hacker group behind a string of recent attacks on game companies, has now targeted EVE Online, Minecraft, and the gaming Web site The Escapist. Minecraft is back online, but the other two remain down.

    • reply
      June 14, 2011 1:10 PM

      Is their goal to raise operating costs for everyone and encourage bad legislation that lasts for decades?

      • reply
        June 14, 2011 1:15 PM

        No, but that's what will happen. I bet it's something like how they do this so admins make a more secure server.

    • reply
      June 14, 2011 1:16 PM

      Bunch of stupid script kiddies. Can't wait until they get caught and made an example of.

      • reply
        June 14, 2011 1:20 PM

        Hint: These guys arn't script kiddies.

        • reply
          June 14, 2011 1:46 PM

          Do you know anything about the attacks they are using? They are using two pieces of software to carry out all their attacks, Havij and LOIC. Point software to a website an calling yourself a hacker is the very definition of a script kiddie.

          • reply
            June 14, 2011 1:58 PM

            Yep, point & click hacking. Takes even less talent than script kiddies.

          • reply
            June 14, 2011 1:59 PM

            Yes, I do.

            LOIC is a DDoS tool. HAVIJ was only used on one of the sites. The rest (like Sony, Bethesda, the US Senate) were entirely unique.

            The bank one was pretty hilariously simple, the rest more complex.

            • reply
              June 14, 2011 2:36 PM

              Not really complex, most of their so called hacks are SQL injection attacks. Not much work in finding websites that don't sanitize their inputs. The US Senate, wow they got away with a listing of the paintings in the capital and the apache.config file among other exciting things.

              Although, I would appreciate any links showing they are using custom software they have written themselves. Using any and all tools made by someone else to do your hacking is weaksauce.

      • reply
        June 14, 2011 7:23 PM

        Trouble is its fine for misanthropic IT PROFESSIONALS in the US justice system, but the tards who joined in in Turkey and got caught are fuuuuuucked.

    • reply
      June 14, 2011 1:17 PM

      i hope they get caught

    • reply
      June 14, 2011 1:19 PM

      I would pay for live video feed of whatever law enforcement group kicking in their doors.

      • reply
        June 14, 2011 1:37 PM

        Agreed.

        I want that shit televised. This is beyond stupid.

    • reply
      June 14, 2011 1:45 PM

      Now they are just pissing everybody off.

      Fuck with minecraft and you incite rage against you.

    • reply
      June 14, 2011 1:49 PM

      if the gov isnt somehow backing these attacks to push their bullshit internet bills through easier.... then I cant wait to see these human paraquat get thrown in pound-me-in-ass federal prison

      • reply
        June 14, 2011 1:56 PM

        i love the crazy conspiracy mindset where everything bad must be secretly government backed for some nefarious purpose

        • reply
          June 14, 2011 2:00 PM

          just because you're paranoid, doesn't mean they aren't out to get you

        • reply
          June 14, 2011 2:00 PM

          now you've exposed them, the black helicopters are on their way!

        • reply
          June 14, 2011 2:15 PM

          Unfortunately governments have often stood behind such things for some nefarious purpose, so it is understandable why people would think of them being the ones behind this scheme. Currently most democracies are closer to an oligarchy.

          • reply
            June 14, 2011 2:46 PM

            anyone who thinks Lolsec is some secret government program is a fucking moron

            • reply
              June 14, 2011 3:01 PM

              nobody was saying lolsec was a secret government program. But could the same people funding the lobbyists who back the protect-ip act (and similar bills) also be throwing money at hackers to get them to go after specific servers, and thus get people fired up in support of something they'd otherwise hate? Anyone who thinks that's impossible is a fucking moron. That flavor of business bullshit has been going on for decades.

              • reply
                June 14, 2011 3:08 PM

                lol

              • reply
                June 14, 2011 3:23 PM

                I'll have what you're having. I feel like trippin' out tonight.

                • reply
                  June 14, 2011 3:48 PM

                  it's called history... take a hit and get ready to trip balls

              • reply
                June 14, 2011 3:27 PM

                Dude....

              • reply
                June 14, 2011 3:34 PM

                The music industry has done stuff like this beforehand (hacking, promoting hacks, spreading trojans, distributing copyrighted material themselves, set up torrent servers etc.) all in the name of IP protection.

              • reply
                June 14, 2011 5:31 PM

                You must do consulting for cheesy Hollywood screenwriters

            • reply
              June 14, 2011 3:31 PM

              You are right they are just a group of hackers wanking off and enjoying the attention they get. Still I'd trust any modern government that shits on civil rights to do something on the same level.

    • reply
      June 14, 2011 1:49 PM

      When they finally do get caught, and their names come out, well, it won't be the first time someone gets injured for hacker-type shenanigans. Remember the Russian Spam King? He died from a disagreement with an unwilling recipient of his (virus installing) spam. The settlement of the argument, if I remember correctly, involved someone coming to his house and hitting him in the head with a hammer, over and over and over and over and over... oh, I think it was something around 90 times, according to the coroner. How could they possibly figure that out? Those crazy Russians!

      Anyway, it's all fun and games until you get caught and your name gets out there. Then it suddenly gets a little scary. I don't know why you'd want to run around throwing eggs at millions of young people you don't even know. You only need to piss the wrong one off once.

      • reply
        June 15, 2011 6:23 AM

        well said, I feel sorry for their mothers who harbor them down in their basement, precious snowflake is such a good kid and would never do anything wrong.

    • reply
      June 14, 2011 1:51 PM

      [deleted]

      • reply
        June 14, 2011 3:28 PM

        Probably Steam

        • reply
          June 14, 2011 4:27 PM

          Yeah, we'll see how well Gabe beefed up the firewalls.... He just recently said that they upped the security after all of the recent hacks.

      • reply
        June 14, 2011 4:21 PM

        b.net would probably be one target. they couldnt do it though

      • reply
        June 14, 2011 5:02 PM

        It'd be impressive (and major) if they took out WoW. They don't strike me as talented enough to do so, however.

    • reply
      June 14, 2011 1:58 PM

      Well... those guys are assholes...

    • reply
      June 14, 2011 2:01 PM

      Man, I bet there are some seriously busy sys-admins this week

    • reply
      June 14, 2011 2:12 PM

      Hackers get way too much exposure nowadays. Reporting on every site or service that gets hacked just spurs them to launch more random attacks.

    • reply
      June 14, 2011 2:13 PM

      THE MOTHERFUCKERS

    • reply
      June 14, 2011 2:37 PM

      They're just doing DDoS attacks; your passwords are safe

      • reply
        June 14, 2011 2:52 PM

        [deleted]

      • reply
        June 14, 2011 3:59 PM

        What could a DDOS attack possible prove about security?

        • reply
          June 14, 2011 4:21 PM

          Not so much about security, but more about redundancy and resiliency of your system.

          A DDOS attack does nothing but stress the bandwidth, and more importantly, the processing power of your servers. A single zombie system on the internet can generate about 20-50,000 packets per second depending on the packet size and the pipe its connected to. A single server can probably process 50-100,000 packets per second before it starts to chug completely and thats being gracious If you have a distributed server or some type of load balancing, you could probably handle a lot of traffic but not that much more.

          The lulzsec guys probably have hundreds, if not thousands of zombie servers throughout the world that they exploited via unpatched systems so you can do the math on how effective their DDOS attacks are.

          1 zombie = 50,000 packets per second second
          100 zombies = 5,000,000 packets per second
          1000 zombies = 50,000,000 packets per second

          When you get up to 1000 zombies, there's really not much that's going to save your servers UNLESS there is a single identifying characteristic within ALL of the attack traffic that your upstream ISP can tag on and block it before it gets to you. There are systems to do that but more Tier 1 ISPs don't bother with that stuff since they just deliver the traffic through their big pipes so the burden falls on the content provider.

    • reply
      June 14, 2011 3:29 PM

      why the hell would you target indies studios..

    • reply
      June 14, 2011 3:33 PM

      lulzsec is the us government so they can create more laws and control the internet!

      • reply
        June 14, 2011 3:52 PM

        lol right. because the US government is the only thing that gives a shit about Brink.

    • reply
      June 14, 2011 3:35 PM

      is DC Universe Online down now too? It's sitting at "Contacting Login Servers..."

    • reply
      June 14, 2011 3:36 PM

      These guys bustin up League of Legends now? When I log it is says I need to wait 25 minutes for a spot on the server!

      • reply
        June 14, 2011 3:42 PM

        That is the rumor. I cannot log in at all. And I only have like 45 minutes, just enough time for one game, but nooo....

        Bastards.

    • reply
      June 14, 2011 3:53 PM

      The next target. STEAM.

      • reply
        June 14, 2011 4:01 PM

        "Mr. Newell. We have a problem, here."

        *Gabe proceeds to grab several knives from his personal stock, and makes a little trip in his private jet.*

        He does have his own jet, right?

      • reply
        June 15, 2011 6:09 AM

        If this happens, I suggest we gather some money and hire russian mafia to track down these guys.

    • reply
      June 14, 2011 5:31 PM

      These hackers (who may also have been part of Anon) have pretty much used up any goodwill or encouragement they once had when they were targeting legitimate targets.

    • reply
      June 14, 2011 5:32 PM

      I can somewhat appreciate the lulz that come from a bunch of MMO addicts raging in withdrawal but srly, now lulzsec are just being straight up assholes. I mean, I get it, companies aren't getting their data sufficiently secured and you're loling at how easy it is to joyride the internets pwning high profile websites. It was entertaining for it bit, now it's just kind of lame. I mean, bringing down Eve Online really isn't all that impressive. If you'd brought down WoW I think you'd have everyone's attention, what lulzsec's doing now is just plan lame.

      • reply
        June 14, 2011 5:41 PM

        yeah but when they finally stop for the evening, what're they gonna play when they take down WoW? black ops

      • reply
        June 15, 2011 3:15 AM

        These kids can't target WoW for two reasons:

        1. They play it themselves and can't stand having their life go offline for a few hours when they run their scripts.
        2. Too many distributed servers on different continents.

        Go figure.

        • reply
          June 15, 2011 5:58 AM

          The login server cluster is at a single location. That's an easy enough target.

    • reply
      June 14, 2011 6:17 PM

      Why join an online game and act like an asshole to piss off 20 people when you can shut the whole server down and piss off thousands? Did I follow their logic right? It's been awhile since I reasoned like a kid.

    • reply
      June 14, 2011 7:42 PM

      OMG! I don't want to get hacked LoL account by LulzSec. :o

    • reply
      June 15, 2011 11:29 AM

      What's that? You managed to take down LoL?! That definitely isn't something that happens every other day from regular internet traffic or anything.

Hello, Meet Lola