Hackers Targeting Xbox Live Players with DoS Attacks


Well the day has come when money-minded botnet owners have turned their services towards online gaming. For a small fee (USD20) you can get someone to set you up with the software to ‘boot’ people from the Xbox Live network.

It’s always been a problem in gaming, if something can get hold of your IP address they can DoS you off the network or at least make it so laggy you can no longer play properly.

Most legacy games however were hosted on central or public servers so that wasn’t an issue, but with Xbox live most of the games are hosted by one of the participants – so that guy effectively has access to everyone’s IP address.

Xbox Live is being targeted by malicious hackers selling services that kick players off the network.

The booting services are proving popular with players who want a way to get revenge on those who beat them in an Xbox Live game.

The attackers are employing data flooding tools that have been used against websites for many years.

Microsoft is “investigating” the use of the tools and said those caught using them would be banned from Xbox Live.

“There’s been a definite increase in the amount of people talking about and distributing these things over the last three to four weeks,” said Chris Boyd, director of malware research at Facetime Communications.

Yah so Microsoft is going to ban them? I bet they are really bothered, the guys making the money probably don’t even use the tools themselves apart from testing and if they do they probably use hijacked accounts.

The poor schmucks who are going to get banned are the ones who have paid the hackers to set them up with some tools they don’t really understand.

It seems like it’s really picked up in the last month or so and is becoming a serious issue on the Xbox Live network.

“The smart thing about these Xbox tools is that they do not attack the Xbox Live network itself,” he said.

He said the tools work by exploiting the way that the Xbox Live network is set up. Game consoles connecting to the Xbox network send data via the net, and for that it needs an IP address.

Even better, said Mr Boyd, games played via Xbox Live are not hosted on private servers. “Instead,” he said, “a lot of games on Xbox Live are hosted by players.”

If hackers can discover the IP address of whoever is hosting a game they can employ many of the attacks that have been used for years against websites, said Mr Boyd. One of the most popular for the Xbox Live specialists is the Denial of Service attack which floods an IP address with vast amounts of data.

In basic terms they are just using a traditional DDoS attack on Xbox Live players, there’s no special or new technology involved here. Whoever is at the receiving end would have their net connection disrupted – not just their connection to Xbox Live.

With an estimated 17 million players on the Xbox Live network this could become a significant issue and as with any kind of DoS attack it’s really quite difficult to prevent.

Unless they change the whole architecture and make the hosting centralized – then they have to take the brunt of the bandwidth and infrastructure costs rather than with the current peer-to-peer hosting system.

Source: BBC (Thanks Navin)

Posted in: Exploits/Vulnerabilities, Hardware Hacking, Networking Hacking Tools


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


One Response to Hackers Targeting Xbox Live Players with DoS Attacks

  1. anona February 25, 2009 at 1:41 pm #

    Darknet is so out of date. This has been reported on many sites before here that aren’t even involved with hacking.

    While darknet have provided some interesting articles in the past, the content has become stale and out of date.

    Darknet has lost it’s space on my RSS.