Want a site attacked? Call the LulzSec request line
LulzSec has started crowdsourcing its nefarious online activities by opening a request line for future assaults.
Yesterday, the hotline number went out via LulzSec's Twitter account: "Call into 614-LULZSEC and pick a target and we'll obliterate it. Nobody wants to mess with The Lulz Cannon -- take aim for us, twitter. #FIRE." I called the number today. There's something there. I didn't leave a take-down request.
The group claims to have received overwhelming response to the hotline, tweeting: "5000 missed calls and 2500 voicemails from today. The Lulz Boat must sail off and organize itself." Later: "Now accepting calls from true lulz fans -- let's all laugh together at butthurt gamers. 614-LULZSEC, accepting as many as we can, let's roll."
The bold request hotline comes during a rash of website attacks, which before yesterday included the FBI, Nintendo, PBS, Sony and the US Senate. LulzSec posted the Senate's site directory structure. In a statement included with the data, LulzSec asked: "Is this an act of war, gentlemen?" The Pentagon has been talking about treating cyberattacks as acts of war.
Yesterday, LulzSec added gaming magazine The Escapist, Eve Online, IT security firm FinFisher, League of Legends and Minecraft as take-down trophies.
FinFisher stood out from the others, not being a gaming site. LulzSec tweeted yesterday: "Tango down: http://t.co/bysLvbu -- because apparently they sell monitoring software to the government or some shit like that." This morning: "Some insane, rambling political man called us and started going off about Fin Fisher, so we sunk the bastards. :D"
LulzSec dubbed yesterday's attacks "Titanic Takeover Tuesday," largely targeted gaming sites' log-in servers with DDoS attacks.
LulzSec tweeted: "We just wiped out the login server for Eve Online, and it accidentally took their website out at the same time: http://t.co/BgRuEoA" and later "@EveOnline our boats sunk your inferior spaceships, ujelly?" However, the gaming website claims the takedown was voluntary. Late yesterday evening, CCP CCO Jón Hörðdal posted about the Eve Online attack :
At 17:00 UTC today, CCP became aware of a distributed denial-of-service attack (DDoS) against the EVE Online cluster and web servers. Our policy in such cases is to mobilize a taskforce of internal and external experts to evaluate the situation. At 17:55 UTC, that group concluded that our best course of action was to go completely offline while an exhaustive scan of our entire infrastructure was executed...
Our taskforce concluded at 22:05 that neither the game servers nor the CCP infrastructure had been breached. Further, we can also confirm that no personal details such as users' credentials or credit card numbers were exposed through this incident. The servers were brought back online at 23:00 and we will continue to monitor the situation closely.
Gamers seem like an unlikely target for LulzSec, or perhaps not. Tweeted this morning: "Gamers only have the mental capacity to remember the last two/three events that ever happened, so they think we can only DDoS. :(". Later: "Having fun laughing at gamers; props to the three 614-LULZSEC callers who requested Eve, Minecraft, League of Legends. <3 Bwahahaha."