UK arrests teens for using Lizard Squad rent-a-DDoS service

UK law enforcement has tracked down and arrested six teenagers believed to have used Lizard Squad's DDoS service.

On Friday, the UK's National Crime Agency (NCA) announced Operation Vivarium, an ongoing project targeting those that have used hacking group Lizard Squad's Lizard Stresser tool, a 'rent-a-DDoS' service which can be used to take websites offline.

Distributed Denial of Service (DDoS) attacks aim to disrupt an online domain. Through the use of botnets, slave computer systems or the redirection of traffic, DDoS attacks can overload a Web service, flooding systems and thereby refusing access to the domain for legitimate traffic.

The Lizard Stresser tool, as noted by Engadget, was launched in 2014 and can be 'hired' through payment via Paypal or Bitcoin. For only a few dollars, you can hire the botnet to launch traffic against a target and potentially disrupt or take down a Web service.

The NCA, together with officers from various Regional Organised Crime Units (ROCUs), arrested a total of six people in connection to Lizard Squad's tool. A 17-year-old from Manchester, three 18-year-olds from Huddersfield, Manchester and Milton Keynes, a 16-year-old from Northampton and a 15-year-old from Stockport have been arrested. Each suspect is male, and while three have been bailed, two have been interviewed under caution.

The operation follows the previous arrests of two 17-year-old men in April and March, also under suspicion of renting the DDoS tool. Agents are also planning to visit roughly 50 addresses linked to the tool, but those at these addresses are not believed to have carried out attacks.

Law enforcement says those arrested are suspected of deploying Lizard Stresser to strike targets including a national newspaper, school, gaming companies and online retailers.

Tony Adams, Head of Investigations at the NCA's National Cyber Crime Unit commented:

"By paying a comparatively small fee, tools like Lizard Stresser can cripple businesses financially and deprive people of access to important information and public services.

One of our key priorities is to engage with those on the fringes of cyber criminality, to help them understand the consequences of cyber crime and how they can channel their abilities into productive and lucrative legitimate careers."

This week, code repository GitHub fended off a DDoS attack which disrupted service across two days. It is not yet known why the website was targeted.

Cybersecurity reads which belong on every bookshelf

Read on: Top picks

• How to access Wi-Fi anonymously from miles away
• Apple OS X zero-day flaw hands over root access without system passwords
• Getting physical: A $10 device to clone RFID access keys on the go
• Amazon dreams of drones-only airspace
• Strike the source: RIAA targets BitTorrent protocol to block pirate content
• Three top tips to keep connected cars safe from hackers

In pictures:

• Top 5 security practices in staying safe online: From the experts
• Cybersecurity reads which belong on every bookshelf
• Must-have iOS, Android productivity apps
• Safari browser extensions you never knew you needed