Lizard Squad Taking Over CCTV Devices to Conduct DDoS Attacks

Lizard Squad hackers have been conducting Distributed Denial of Service (#DDoS) Attacks on banking and government institutions after compromising CCTV devices worldwide!

Earlier in two previous incidents, researchers discovered hackers taking over thousands of CCTV devices and conducting DDoS attacks on small business websites; now an IT security firm Arbor Networks has exposed a third event in which famous Lizard Squad group has been named as culprits for hacking into thousands of Internet-connected cameras and using them to attack government as well as banking websites.

Researchers discovered that Lizard Squad who gained notoriety by DDoSing British National Crime Agency website, Warcraft, Xbox, PlayStation, EA and Steam servers released a Linux-based DDoS tool LizardStresser which has been used to hack CCTV devices and use them to target high profile targets flooding them with as much as 400Gbps of data. The attacks were aimed mostly at gaming platforms, Brazilian financial institutions, ISPs, and government institutions.

https://twitter.com/LizardLands/status/719657893339881472

“A set of threat actors behind LizardStresser have focussed on targeting Internet of Things (IoT) devices using default passwords that are shared amongst entire device classes,” noted by Arbor Networks.

There has been an increase in using IoT devices worldwide although these devices have simultaneously become extremely vulnerable to cyber attacks. Earlier, Israeli security camera systems were hacked by Pro-Hezbollah hackers to keep an eye on officials. In another case, a Nanny cam was hacked and later the family discovered their child’s crib footage being sold online.

If you are a website owner and receiving DDoS attacks contact firms like Sucuri or Incapsula — If you own a CCTV camera make sure to remove default login and password and use strong login credentials to avoid them from being misused.

Arbor Networks

Flickr/NLBC