Skip to content
Naked Security Naked Security

Group that attacked Tumblr threatens to DDoS Xbox for Christmas

Hacking group may have used Mirai to attack Tumblr 'for light hearted fun'

A new hacking group is taking credit for a distributed denial-of-service (DDoS) attack that took down Tumblr this week. But so far, little is known about R.I.U. Star Patrol other than its motive of attacking for fun.

Tumblr went down for more than two hours Wednesday afternoon and R.I.U. Star Patrol contacted Mashable to explain its reason for attacking:

“There is no sinister motive,” the group told Mashable.”It’s all for light hearted fun.”

The site was first reported offline shortly after 3:15pm ET. The service said on Twitter that some users were experiencing “latency”. Mashable reported that the site was back up for a few minutes around 3:52pm ET but went back down, returning at around 4:22pm ET. Full service was restored around 5:45pm ET.

The Mirai connection

Some in the security community believe the group carried out the attack using Mirai, malware tied to a record 620Gpbs attack on the website of noted journalist Brian Krebs and the coordinated assault against DNS hosting provider Dyn last fall.

That DDoS crippled such major sites as Twitter, Paypal, Netflix and Reddit and shifted the world’s attention to threats against the so-called Internet of Things (IoT) – everyday devices and appliances connected to the web.

What happened to Tumblr was a more typical DDoS, but it demonstrates how easy it has become to launch attacks since the source code for Mirai was openly published.

In such attacks, a hacker attempts to overload or shut down a service so that legitimate users can no longer access it. Typical DoS attacks target web servers and aim to make websites unavailable. No data is stolen or compromised, but the interruption to the service can be costly for an organization.

The most common type of DoS attack involves sending more traffic to a computer than it can handle. There are a variety of methods for DoS attacks, but the simplest and most common is to have a botnet flood a web server with requests. This is called a distributed denial-of-service attack (DDoS).

What we know about R.I.U. Star Patrol so far

A scouring of the internet produced few details about this hacking group. From what we can tell, its Twitter account (@StarPatrolling) came online on December 13 and that its self-described leader goes by the Twitter handle @ANTIPEACESP.

Gaming news site 7421Max conducted an interview with @StarPatrolling and published it on Youtube. Those interviewed said they plan to launch coordinated attacks against Xbox on Christmas day. Asked about their motive, the hackers said, “We do it because we can.” They claim they are not motivated by money. “We have not been paid a single dollar for what we do,” one of the hackers said.

On December 19, 7421Max reported that the group had taken down League of Legends and Warframe servers, and warned in a follow-up tweet that R.I.U. Star Patrol plans to knock down PSN and Xbox Live for Christmas 2016. The group confirmed this in the Youtube video:

The threat is going to sting for users who remember the Christmas 2014 DDoS blockage of PlayStation and Xbox systems.

Parents of kids who hope to play their new Christmas presents on Sunday might want to brace themselves for some tears.


4 Comments

Did any substantial attacks occur? I don’t play console games, but didn’t see any more of this. Was it more than just talk?

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?