Hackers Targeting Xbox Live Players with DoS Attacks


Well the day has come when money-minded botnet owners have turned their services towards online gaming. For a small fee (USD20) you can get someone to set you up with the software to ‘boot’ people from the Xbox Live network.

It’s always been a problem in gaming, if something can get hold of your IP address they can DoS you off the network or at least make it so laggy you can no longer play properly.

Most legacy games however were hosted on central or public servers so that wasn’t an issue, but with Xbox live most of the games are hosted by one of the participants – so that guy effectively has access to everyone’s IP address.

Xbox Live is being targeted by malicious hackers selling services that kick players off the network.

The booting services are proving popular with players who want a way to get revenge on those who beat them in an Xbox Live game.

The attackers are employing data flooding tools that have been used against websites for many years.

Microsoft is “investigating” the use of the tools and said those caught using them would be banned from Xbox Live.

“There’s been a definite increase in the amount of people talking about and distributing these things over the last three to four weeks,” said Chris Boyd, director of malware research at Facetime Communications.

Yah so Microsoft is going to ban them? I bet they are really bothered, the guys making the money probably don’t even use the tools themselves apart from testing and if they do they probably use hijacked accounts.

The poor schmucks who are going to get banned are the ones who have paid the hackers to set them up with some tools they don’t really understand.

It seems like it’s really picked up in the last month or so and is becoming a serious issue on the Xbox Live network.

“The smart thing about these Xbox tools is that they do not attack the Xbox Live network itself,” he said.

He said the tools work by exploiting the way that the Xbox Live network is set up. Game consoles connecting to the Xbox network send data via the net, and for that it needs an IP address.

Even better, said Mr Boyd, games played via Xbox Live are not hosted on private servers. “Instead,” he said, “a lot of games on Xbox Live are hosted by players.”

If hackers can discover the IP address of whoever is hosting a game they can employ many of the attacks that have been used for years against websites, said Mr Boyd. One of the most popular for the Xbox Live specialists is the Denial of Service attack which floods an IP address with vast amounts of data.

In basic terms they are just using a traditional DDoS attack on Xbox Live players, there’s no special or new technology involved here. Whoever is at the receiving end would have their net connection disrupted – not just their connection to Xbox Live.

With an estimated 17 million players on the Xbox Live network this could become a significant issue and as with any kind of DoS attack it’s really quite difficult to prevent.

Unless they change the whole architecture and make the hosting centralized – then they have to take the brunt of the bandwidth and infrastructure costs rather than with the current peer-to-peer hosting system.

Source: BBC (Thanks Navin)

Posted in: Exploits/Vulnerabilities, Hardware Hacking, Networking Hacking Tools


Latest Posts:


GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.


One Response to Hackers Targeting Xbox Live Players with DoS Attacks

  1. anona February 25, 2009 at 1:41 pm #

    Darknet is so out of date. This has been reported on many sites before here that aren’t even involved with hacking.

    While darknet have provided some interesting articles in the past, the content has become stale and out of date.

    Darknet has lost it’s space on my RSS.