The infamous DDoS group Lizard Squad have shown proficiency when it comes to utilising a bot-net of compromised routers, but when it comes to difficult tasks like cyber security for its LizardStresser tool, the group has a rather poor understanding.
An anonymous hacker managed to take down the LizardStresser tool earlier this week, and it looks like a lot of information has not been encrypted or stored safety, with customer details and Bitcoin available in plain text.
Over 14,000 customer details were made publicly available, but only a few hundred have spent any money on the LizardStresser service. The total amount of revenue from the DDoS tool totals $11,000 (£7,260), pretty impressive for a few days of activity.
Customers paid between $6 (£4) and $500 (£330) in Bitcoin, allowing them a certain amount of time with the LizardStresser tool. Lizard Squad offered a three tier plan, including 100 seconds, 8 hours and lifetime (15 years) of DDoS attacks.
The LizardStresser tool was most notably used on 4Chan's servers, taking them offline for 8 hours. Lizard Squad said it would take down the Tor network, but has not managed to affect the deep-web browser.
Two UK teenagers have been arrested on charges of fraud and cyber attacks, and both warrants showed a connection between the teenage and Lizard Squad. The FBI is also working on a case in Finland for a 17-year old hacker with connections to Lizard Squad.
The days of the hacking collective are almost over, unless the Lizard Squad happens to have even more members working across Europe.
The group first made the news back in summer for small attacks on the PlayStation Network (PSN), and made repeat attacks on PSN and Xbox Live on Christmas Day, shutting down servers for over three days.