Analysis

Phantom Squad hacked for stealing credit for Xbox Live DDoS

The group has been claiming credit for hacks it didn't do - but indications suggest a real Christmas DDoS is on the way

21/12/2015: Hacking group Phantom Squad has itself been hacked, after attempting to take credit for various attacks.

In an unsurprising turn of events, it appears that the group was not, in fact, responsible for the vast swathes of outages that it claimed to be behind. 

The real perpetrators of these attacks are apparently not happy and have hacked Phantom Squad's website in retaliation.

The site was breached by Obstructable and the SkidNP collective, who say that Phantom Squad "took credit for multiple attacks that [neither] you nor any of your members did".

They also advised the group to "quit while you have the chance", and that if they continue to claim false responsibility for further attacks, "it will be the last thing you do".

The post appears to indicate not only that Phantom Squad has been stealing credit for other people's hacks, but also that there will be another attack against Xbox and PlayStation's servers.

Obstructable's message explicitly warns Phantom Squad not to claim responsibility for the Christmas outage, which could indicate that one or more groups are planning an attack on the services.

18/12/2015: Hackers have claimed responsibility for the recent Xbox Live outage, which knocked the service's store and multiplayer functions offline for several hours.

This time, the claims are being made by the so-called Phantom Squad', an apparently recently-formed group.

The outage mirrors a similar attack last year, which was attributed to a collective known as Lizard Squad.

Both Xbox Live and the PlayStation Network had received warnings from Phantom Squad that their services will be taken offline over the Christmas period. 

The group claims that it is attempting to expose flaws in the security of both PSN and Xbox Live, calling themselves "grey hat hackers" and urging the companies to fix their security.

However, while Phantom Squad has been largely accepted as being the perpetrators of this attack, little attention seems to have been paid to the group's credibility.

Indeed, there is evidence to suggest that Phantom Squad may not be behind the supposed hack' at all.

The group promised to disrupt the service over Christmas, but has instead supposedly opted to jump the gun by around a week, claiming that "this is what happens when you don't believe us".

However, with no evidence prior to the outage to indicate that Phantom Squad was planning an early attack, this looks a lot like a convenient coincidence.

This would not be out of character, as this new kid on the block has been loudly claiming responsibility for virtually every major outage of the holiday period so far.

According to the group's now suspended Twitter feed, it has been responsible for taking down servers for Call of Duty Black Ops 3, Xbox Live, PSN, Steam, Reddit and others. 

While comparisons have been made to Lizard Squad, Phantom Squad seems to have something of a rivalry going with them.

It repeatedly stated on Twitter that it is "not associated with Lizard Squad", and even ran a poll asking who it should target next; Lizard Squad or ISIS. 

It also tweeted that "there are only 5 of us", and claimed that it "tried to take down the entire internet" likely in reference to the DDoS attack on the internet's root servers earlier this month.

Phantom Squad's motivations also seem to be a lot less noble than it has latterly made itself out to be.

The group highlighted retweets from PC gaming fans celebrating an attack on so-called "console peasants", and asked if consumers will "waste your money on a console". 

Phantom Squad has held repeated polls asking followers to choose its next target. It also asks them to retweet its warnings and use specific hashtags to drum up attention.

All of this indicates that Phantom Squad may not actually be an elite group of grey hat' hackers.

Instead, its actions have the ring of attention-hungry internet trolls, attempting to latch onto any notable outage in an effort to prove its potency.

Time may yet prove them to be a credible danger, similar to Anonymous or Lizard Squad. For now, though, Phantom Squad remains just that a ghost, with no power or substance.

This article was originally published on 18/12/2015 and has since been updated to reflect new information.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

UK gov considers blocking Nvidia's takeover of Arm
Acquisition

UK gov considers blocking Nvidia's takeover of Arm

4 Aug 2021
RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Tesla Megapack goes up in flames at Australian battery site
Hardware

Tesla Megapack goes up in flames at Australian battery site

30 Jul 2021