Lizard Squad may have been the Scrooge for millions of gamers, but establishing a brand identity as powerful DDOS attackers allowed them to start making revenue from its commercial "stresser" tool, capable of knocking large platforms offline.
In a new update by security expert Brian Krebs—who has been following the groups actions since December—he claims the stresser tool ran off compromised home routers, without the owner of the router knowing.
Lizard Squad were able to hack a few home routers using default username and password combinations, and then attaching a virus to the router, spreading the attack to even more unsuspecting home routers.
The compromised devices would accept any open router connections through telnet, allowing them to access thousands of home routers through the "zombie attacks", giving Lizard Squad more bandwidth to use when attacking servers.
The DDOS stresser tool has only been used once for a prolonged time, on the image board 4chan, knocking servers offline for 8 hours. Lizard Squad took to Twitter to confirm the attack, but deleted the tweet shortly after.
Several security experts have questioned the integrity of Sony and Microsoft's gaming servers, claiming any large scale corporation should have sufficient barriers to block a large DDOS attack, however both Xbox Live and PSN were knocked offline for 14 hours and three days, respectively.
Now that UK authorities have Vincent Omari in custody on PayPal fraud and links to the hacking organisation, and a 17-year old Finnish hacker also linked to the group has been picked up by the FBI, the Lizard Squad may turn down the attacks.