<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<small>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style><head>
<style></style> </small>
<table class="backgroundTable" bgcolor="#ffffff" cellpadding="0"
cellspacing="0" width="100%">
<tbody>
<tr>
<td align="left" valign="top">
<table cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="border-top: 0px solid rgb(0, 0, 0);
border-bottom: 1px solid rgb(255, 255, 255);
background-color: rgb(255, 255, 255); text-align:
center;" align="center"><span style="font-size:
10px; color: rgb(96, 96, 96); line-height: 200%;
font-family: verdana; text-decoration: none;">Email
not
displaying correctly? <a
href="http://www.oplin.org/4cast/"
style="font-size: 10px; color: rgb(0, 0, 255);
line-height: 200%; font-family: verdana;
text-decoration: none;">View
it in your browser.</a></span></td>
</tr>
<tr>
<td style="border-top: 0px solid rgb(51, 51, 51);
border-bottom: 0px solid rgb(255, 255, 255);
background-color: rgb(255, 255, 255);">
<center><a href=""><img id="editableImg1"
src="cid:part2.04000500.03050408@oplin.org"
title="OPLIN" alt="OPLIN 4Cast" border="0"
align="middle"></a></center>
</td>
</tr>
</tbody>
</table>
<table style="width: 763px; height: 877px;"
bgcolor="#ffffff" cellpadding="20" cellspacing="0">
<tbody>
<tr>
<td style="font-size: 12px; color: rgb(0, 0, 0);
line-height: 150%; font-family: trebuchet ms;"
bgcolor="#ffffff"
background="http://www.oplin.org/4cast/wp-content/themes/4cast/images/kubrickbgwide.jpg"
valign="top">
<p><!-- Make sure you modify the 4Cast title in this section -->
<span style="font-size: 20px; font-weight: bold;
color: rgb(0, 0, 0); font-family: arial;
line-height: 110%;">OPLIN 4cast #421: Inside the
Dark Side</span><br>
<!-- Make sure you modify the date of the 4Cast in this section -->
<span style="font-size: 11px; font-weight: normal;
color: rgb(102, 102, 102); font-style: italic;
font-family: arial;">January 21st, 2015</span></p>
<!-- Begin copy of Web Source here -->
<p style="text-align: justify;font-size: 16px;
font-family: arial; line-height: 110%;"><img
src="cid:part4.07080405.05090004@oplin.org"
alt="lizard" align="left" height="85"
width="110">Three months ago we posted a <a
href="http://www.oplin.org/4cast/?p=4966">4cast</a>
about the availability of cheap Distributed Denial
of Service (DDoS) attacks on the Internet,
mentioning as well that OPLIN has a system in
place to protect libraries from such attacks. Over
the Christmas holidays, DDoS attacks on the Xbox
Live and PlayStation networks got a lot of
attention in the media, and shortly after that the
"Lizard Squad" group that claimed credit for those
attacks announced the availability of their own
inexpensive DDoS service for hire. Now, thanks in
large part to security researcher Brian Krebs,
that service is falling apart and providing an
interesting glimpse into the dark side of the
Internet.
</p>
<div> </div>
<ul style="text-align: left;">
<li style="text-align: justify; font-size: 16px;
font-family: arial; line-height: 110%;"><a
href="http://krebsonsecurity.com/2014/12/lizard-kids-a-long-trail-of-fail/">Lizard
kids: A long trail of fail</a> (Krebs on
Security | Brian Krebs) "The Lizard kids only
ceased their attack against Sony's Playstation
and Microsoft's Xbox Live networks last week
after MegaUpload founder Kim Dotcom <a
href="http://krebsonsecurity.com/wp-content/uploads/2014/12/lyYRjQB.jpg">offered
the group $300,000 worth of vouchers</a> for
his service in exchange for ending the assault.
And in a development probably that shocks no
one, the gang's members cynically <a
href="http://www.dailydot.com/crime/lizard-squad-lizard-stresser-ddos-service-psn-xbox-live-sony-microsoft/">told
Dailydot</a> that both attacks were just
elaborate commercials for and a run-up to this
DDoS-for-hire offering. The group is advertising
the new 'booter service' via its Twitter
account, which has some 132,000+ followers.
Subscriptions range from $5.99 per month for the
ability to knock a target offline for 100
seconds at a time, to $129.99 monthly for DDoS
attacks lasting more than eight hours."</li>
<li style="text-align: justify; font-size: 16px;
font-family: arial; line-height: 110%;"><a
href="http://arstechnica.com/security/2015/01/a-hacked-ddos-on-demand-site-offers-a-look-into-mind-of-booter-users/">A
hacked DDoS-on-demand site offers a look into
mind of "booter" users</a> (Ars Technica |
Sean Gallagher) "Things have not gone all that
well for LizardSquad since the launch of
LizardStresser. Shortly after the service-which
uses a botnet of hacked home and institutional
routers-was launched, members of LizardSquad
started getting arrested. Last week the
LizardStresser server was hacked, and its
database was dumped and posted to Mega by the
former operator of the darknet 'doxing' site
Doxbin. As a result, the usernames and passwords
of LizardSquad's 'customers,' along with logs of
the Internet addresses that had been attacked by
the router botnet, were laid bare for everyone
to see."</li>
<li style="text-align: justify; font-size: 16px;
font-family: arial; line-height: 110%;"><a
href="http://www.forbes.com/sites/thomasbrewster/2015/01/20/lizard-squad-backlash/">Xbox
Live destroyers Lizard Squad facing backlash
in underground hacker wars</a> (Forbes |
Thomas Fox-Brewster) "Investigative journalist
Brian Krebs broke the news that the Lizard
Stresser Distributed Denial of Service (DDoS)
offering, which lets people pay for website
takedowns and which the Christmas attacks were
supposed to advertise, was breached and the
customer database leaked. <em>Forbes</em> has
obtained a copy of what appears to be a leaked
Lizard Stresser database, though it differs from
the one Krebs posted a screenshot of
(incredibly, Lizard Squad has been making DMCA
requests for links to the leaks to be taken down
from Kim Dotcom's Mega storage service). The
link came courtesy of one of the more talkative
dark web denizens who goes by the name of
'nachash', who once ran the controversial Doxbin
site, where personal details of select
individuals were posted on the anonymising Tor
network."</li>
<li style="text-align: justify; font-size: 16px;
font-family: arial; line-height: 110%;"><a
href="http://www.theguardian.com/technology/2015/jan/19/lizard-squad-lizardstresser-site-hacked">Lizard
Squad's LizardStresser hacked and customer
details made public</a> (The Guardian | Stuart
Dredge) "The news follows several arrests made
as police investigate the original PlayStation
Network and Xbox Live attacks. On 31 December, a
<a
href="http://www.theguardian.com/technology/2015/jan/01/man-linked-to-lizard-squad-hack-arrested-over-2013-14-cyber-fraud">22
year-old man from Twickenham was arrested by
the South East Regional Organised Crime Unit</a>
(SEROCU) on suspicion of fraud by false
representation and Computer Misuse Act offences,
before being released on bail until 10 March.
Then, on 16 January, <a
href="http://www.theguardian.com/technology/2015/jan/16/man-held-over-lizard-squad-cyberattacks-on-psn-and-xbox-live">an
18 year-old man was arrested in Southport</a>
on suspicion of unauthorised access to computer
material, unauthorised access with intent to
commit further offences, and threats to kill."</li>
</ul>
<div style="text-align: left;"> </div>
<p style="text-align: left; font-size: 20px;
font-family: arial; line-height: 110%;"><small><strong><em>Articles
from <a href="http://ohioweblibrary.org">Ohio
Web Library</a>:</em></strong></small><br>
</p>
<div style="text-align: justify; font-size: 16px;
font-family: arial; line-height: 110%;">
<ul>
<li><a
href="http://web.b.ebscohost.com.proxy.oplin.org/ehost/detail/detail?sid=85eea67d-654b-47f4-bb41-dd28618478f9%40sessionmgr113&vid=0&hid=115&bdata=JnNpdGU9ZWhvc3QtbGl2ZQ%3d%3d#db=cph&AN=89867465">How
do booters work? Inside a DDoS for hire
attack.</a> (<em>eWeek</em>, 8/5/2013 | Sean
Michael Kerner)</li>
<li><a
href="http://web.b.ebscohost.com.proxy.oplin.org/ehost/detail/detail?sid=865a2399-fff6-497c-9816-76a22ece4132%40sessionmgr115&vid=0&hid=115&bdata=JnNpdGU9ZWhvc3QtbGl2ZQ%3d%3d#db=ulh&AN=100128985">This
is Lizard Squad, the nebulous hacker group
now tied to the Sony hack.</a> (<em>Christian
Science Monitor</em>, 12/24/2014 | Fruzsina
Eördögh)</li>
<li><a
href="http://web.b.ebscohost.com.proxy.oplin.org/ehost/detail/detail?sid=7470707c-05ba-4f10-9a46-edd3730a2d93%40sessionmgr114&vid=0&hid=115&bdata=JnNpdGU9ZWhvc3QtbGl2ZQ%3d%3d#db=bwh&AN=wapo.909fcc3c-8d35-11e4-a085-34e9b9f09a58">As
gaming servers went down, hacker group's
profile rose.</a> (<em>The Washington Post</em>,
12/27/2014 | Brian Fung and Andrea Peterson)</li>
</ul>
</div>
<div style="text-align: left;"> </div>
<!-- End paste of web source here --> </td>
</tr>
<tr>
<td style="" solid="" background-color:="" rgb(255,=""
255,="" 255);="" >=""
background="http://www.oplin.org/4cast/wp-content/themes/4cast/images/kubrickbgwide.jpg"
valign="top" width="760"><span style="font-size:
10px; color: rgb(96, 96, 96); line-height: 100%;
font-family: verdana;">
<hr><!-- Begin standard subscription verbiage -->
<div style="text-align: justify;">The <strong><em>OPLIN
4cast</em></strong>
is a weekly compilation of
recent headlines, topics, and trends that could
impact public
libraries. You can subscribe to it in a variety
of ways, such as: <br>
</div>
<div style="text-align: left;"> </div>
<ul>
<li style="text-align: justify;"><strong>RSS
feed.</strong>
You
can receive the OPLIN 4cast
via RSS feed by subscribing to the following
URL:
<a class="moz-txt-link-freetext" href="http://www.oplin.org/4cast/index.php/?feed=rss2">http://www.oplin.org/4cast/index.php/?feed=rss2</a>.
</li>
<li style="text-align: justify;"><strong>Live
Bookmark.</strong>
If you're using the Firefox
web browser, you can go to the 4cast website
(<a class="moz-txt-link-freetext" href="http://www.oplin.org/4cast/">http://www.oplin.org/4cast/</a>) and click on the
orange "radio wave" icon
on the right side of the address bar. In
Internet Explorer 7, click on
the same icon to view or subscribe to the
4cast RSS feed. </li>
<li style="text-align: justify;"><strong>E-mail.</strong>
You
can have the OPLIN 4cast
delivered via e-mail (a'la OPLINlist and
OPLINtech) by subscribing to
the 4cast mailing list at
<a class="moz-txt-link-freetext" href="http://mail.oplin.org/mailman/listinfo/OPLIN4cast">http://mail.oplin.org/mailman/listinfo/OPLIN4cast</a>.
</li>
</ul>
</span> </td>
</tr>
<tr>
<td style="border-top: 0px solid rgb(255, 255, 255);
background-color: rgb(255, 255, 204);"
background="http://www.oplin.org/4cast/wp-content/themes/4cast/images/kubrickfooter.jpg"
valign="top" width="760"> <br>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<small>
<title>OPLIN 4Cast</title>
<style>
.headerTop { background-color:#FFFFFF; border-top:0px solid #000000; border-bottom:1px solid #FFFFFF; text-align:center; }
.adminText { font-size:16px; color:#0000FF; line-height:200%; font-family:verdana; text-decoration:none; }
.headerBar { background-color:#FFFFFF; border-top:0px solid #333333; border-bottom:0px solid #FFFFFF; }
.title { font-size:20px; font-weight:bold; color:#000000; font-family:arial; line-height:110%; }
.subTitle { font-size:11px; font-weight:normal; color:#000000; font-style:italic; font-family:arial; }
.defaultText { font-size:12px; color:#000000; line-height:150%; font-family:trebuchet ms; }
.footerRow { background-color:#FFFFCC; border-top:0px solid #FFFFFF; }
.footerText { font-size:10px; color:#996600; line-height:100%; font-family:verdana; }
a { color:#0000FF; color:#0000FF; color:#0000FF; }
</style>
</small>
</body>
</html>