Analysis

Phantom Squad hacked for stealing credit for Xbox Live DDoS

The group has been claiming credit for hacks it didn't do - but indications suggest a real Christmas DDoS is on the way

21/12/2015: Hacking group Phantom Squad has itself been hacked, after attempting to take credit for various attacks.

In an unsurprising turn of events, it appears that the group was not, in fact, responsible for the vast swathes of outages that it claimed to be behind. 

The real perpetrators of these attacks are apparently not happy and have hacked Phantom Squad's website in retaliation.

The site was breached by Obstructable and the SkidNP collective, who say that Phantom Squad "took credit for multiple attacks that [neither] you nor any of your members did".

They also advised the group to "quit while you have the chance", and that if they continue to claim false responsibility for further attacks, "it will be the last thing you do".

The post appears to indicate not only that Phantom Squad has been stealing credit for other people's hacks, but also that there will be another attack against Xbox and PlayStation's servers.

Obstructable's message explicitly warns Phantom Squad not to claim responsibility for the Christmas outage, which could indicate that one or more groups are planning an attack on the services.

18/12/2015: Hackers have claimed responsibility for the recent Xbox Live outage, which knocked the service's store and multiplayer functions offline for several hours.

This time, the claims are being made by the so-called Phantom Squad', an apparently recently-formed group.

The outage mirrors a similar attack last year, which was attributed to a collective known as Lizard Squad.

Both Xbox Live and the PlayStation Network had received warnings from Phantom Squad that their services will be taken offline over the Christmas period. 

The group claims that it is attempting to expose flaws in the security of both PSN and Xbox Live, calling themselves "grey hat hackers" and urging the companies to fix their security.

However, while Phantom Squad has been largely accepted as being the perpetrators of this attack, little attention seems to have been paid to the group's credibility.

Indeed, there is evidence to suggest that Phantom Squad may not be behind the supposed hack' at all.

The group promised to disrupt the service over Christmas, but has instead supposedly opted to jump the gun by around a week, claiming that "this is what happens when you don't believe us".

However, with no evidence prior to the outage to indicate that Phantom Squad was planning an early attack, this looks a lot like a convenient coincidence.

This would not be out of character, as this new kid on the block has been loudly claiming responsibility for virtually every major outage of the holiday period so far.

According to the group's now suspended Twitter feed, it has been responsible for taking down servers for Call of Duty Black Ops 3, Xbox Live, PSN, Steam, Reddit and others. 

While comparisons have been made to Lizard Squad, Phantom Squad seems to have something of a rivalry going with them.

It repeatedly stated on Twitter that it is "not associated with Lizard Squad", and even ran a poll asking who it should target next; Lizard Squad or ISIS. 

It also tweeted that "there are only 5 of us", and claimed that it "tried to take down the entire internet" likely in reference to the DDoS attack on the internet's root servers earlier this month.

Phantom Squad's motivations also seem to be a lot less noble than it has latterly made itself out to be.

The group highlighted retweets from PC gaming fans celebrating an attack on so-called "console peasants", and asked if consumers will "waste your money on a console". 

Phantom Squad has held repeated polls asking followers to choose its next target. It also asks them to retweet its warnings and use specific hashtags to drum up attention.

All of this indicates that Phantom Squad may not actually be an elite group of grey hat' hackers.

Instead, its actions have the ring of attention-hungry internet trolls, attempting to latch onto any notable outage in an effort to prove its potency.

Time may yet prove them to be a credible danger, similar to Anonymous or Lizard Squad. For now, though, Phantom Squad remains just that a ghost, with no power or substance.

This article was originally published on 18/12/2015 and has since been updated to reflect new information.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Mastering endpoint security implementation
Security

Mastering endpoint security implementation

16 Apr 2021
US, UK say Russia was behind SolarWinds hack
cyber attacks

US, UK say Russia was behind SolarWinds hack

16 Apr 2021
1Password targets enterprise customers with Secrets Automation
IT infrastructure

1Password targets enterprise customers with Secrets Automation

14 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
NSA uncovers new "critical" flaws in Microsoft Exchange Server
servers

NSA uncovers new "critical" flaws in Microsoft Exchange Server

14 Apr 2021