The database of LizardStresser – the tool of the notorious Lizard Squard hacking group – was compromised and thousands of buyers were exposed, according to KrebsOnSecurity.
â€œA copy of the LizardStresser customer database obtained by KrebsOnSecurity shows that it attracted more than 14,241 registered users, but only a few hundred appear to have funded accounts at the service,â€ Krebs said.
The tool was available, for a fee, to people looking for an online service that knocks a target offline through denial-of-service attacks.
Apparently, the database content was not encrypted.
â€œInterestingly, all registered usernames and passwords were stored in plain text. Also, the database indicates that customers of the service deposited more than USD $11,000 worth of Bitcoins to pay for attacks on thousands of Internet addresses and Web sites (including this one),â€ the researcher said.
The credentials along with logs of Internet addresses that were attacked by the router botnet were posted on Mega, a file hosting service.
In-depth analysis shows gamers were among the preferred targets. Almost 7 per cent of the attacks targeted port 25565, the one used by Minecraft servers.
â€œWhile more than half of the attacks launched by customers of the service have been against Web servers, a significant portion have targeted individuals or small community gaming serversâ€”including Minecraft servers,â€ according to Ars Technica.
The service was used to launch some 16,000 attacks in one month. Most focused on servers of smaller hosting companies from Nevada, Quebec, Poland and Malaysia, and sites that were unidentifiable by their IP addresses.
Soon after the service LizardStresser was launched, some members of the hacking group were arrested in connection with denial-of-service attacks on Sony PlayStation and Microsoft Xbox systems last Christmas.