UK arrests teens for using Lizard Squad rent-a-DDoS service

The NCA has arrested six young people for allegedly buying into the hacktivist groups' Lizard Stresser tool.
Written by Charlie Osborne, Contributing Writer on

UK law enforcement has tracked down and arrested six teenagers believed to have used Lizard Squad's DDoS service.

On Friday, the UK's National Crime Agency (NCA) announced Operation Vivarium, an ongoing project targeting those that have used hacking group Lizard Squad's Lizard Stresser tool, a 'rent-a-DDoS' service which can be used to take websites offline.

Distributed Denial of Service (DDoS) attacks aim to disrupt an online domain. Through the use of botnets, slave computer systems or the redirection of traffic, DDoS attacks can overload a Web service, flooding systems and thereby refusing access to the domain for legitimate traffic.

The Lizard Stresser tool, as noted by Engadget, was launched in 2014 and can be 'hired' through payment via Paypal or Bitcoin. For only a few dollars, you can hire the botnet to launch traffic against a target and potentially disrupt or take down a Web service.

The NCA, together with officers from various Regional Organised Crime Units (ROCUs), arrested a total of six people in connection to Lizard Squad's tool. A 17-year-old from Manchester, three 18-year-olds from Huddersfield, Manchester and Milton Keynes, a 16-year-old from Northampton and a 15-year-old from Stockport have been arrested. Each suspect is male, and while three have been bailed, two have been interviewed under caution.

The operation follows the previous arrests of two 17-year-old men in April and March, also under suspicion of renting the DDoS tool. Agents are also planning to visit roughly 50 addresses linked to the tool, but those at these addresses are not believed to have carried out attacks.

Law enforcement says those arrested are suspected of deploying Lizard Stresser to strike targets including a national newspaper, school, gaming companies and online retailers.

Tony Adams, Head of Investigations at the NCA's National Cyber Crime Unit commented:

"By paying a comparatively small fee, tools like Lizard Stresser can cripple businesses financially and deprive people of access to important information and public services.

One of our key priorities is to engage with those on the fringes of cyber criminality, to help them understand the consequences of cyber crime and how they can channel their abilities into productive and lucrative legitimate careers."

This week, code repository GitHub fended off a DDoS attack which disrupted service across two days. It is not yet known why the website was targeted.

Cybersecurity reads which belong on every bookshelf

Read on: Top picks

In pictures:

Editorial standards