PhantomSquad threatens to take down Xbox Live and PSN this Christmas

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Phantom squad Remember last Christmas when a group of hackers calling themselves LizardSquad ruined the holidays for many video game lovers by knocking the Xbox Live and PlayStation Network offline with a distributed denial-of-service (DDoS) attack?

Well, we could be heading for an action replay.

At least, that may be the case if we can believe a new Twitter account that sprung up at the end of November.

The account – @PhantomSqaud (sic) – claims to belong to a DDoS gang called (you guessed it) “Phantom Squad”, and in a series of tweets they say they have their sights set on disrupting the PlayStation and Xbox Live networks in a co-ordinated denial-of-service attack.

We are going to shut down Xbox live and PSN this year on christmas. And we are going to keep them down for one week straight #DramaAlert

Ok think about this… Xbox Live and PSN have millions upon millions of dollars… but do they use that money for better security?

No. PSN and Xbox don’t use that money to improve their security… So until they open their eyes Xbox Live and PSN will remain vulnerable.

If the threats are true, it will certainly put a damper on the holiday fun for a lot of people, especially those who have just been given a new game or console and are keen to blast each other to smithereens in the true spirit of Christmas.

Of course, we always have to be careful about claims made anonymously on the internet. It takes little more than the technological know-how of a gerbil to create a Twitter account, and make aggressive claims on it.

Sign up to our free newsletter.
Security news, advice, and tips.

Just as we should be wary of taking too seriously any YouTube videos posted online claiming to represent Anonymous which might have been made by any 14-year-old in his back bedroom with a copy of Camtasia and a “V for Vendetta” mask.

But perhaps we should take Phantom Squad’s threats more seriously.

Xbox outage

The group has already claimed responsibility for outages at XBox Live earlier this month, as well as brief disruption that Reddit suffered earlier this week.

As Softpedia reports, the group has also claimed to have launched attacks against Steam, as well as gaming servers for Star Wars: The Old Republic, Grand Theft Auto 5, Call of Duty: Black Ops 2 and 3.

If the threats can be taken seriously, and especially if Microsoft and Sony’s gaming networks do go offline after a malicious attack, then Phantom Squad’s members might want to be looking over their shoulder.

Because, in the past, the authorities have put considerable effort into pursuing those criminals who launch attacks – even if they are being done for teenage “lulz” rather than money.

After all, it was just a matter of days before computer crime-fighting authorities rapidly identified suspected members of the LizardSquad gang in the wake of last year’s attack, and some found themselves facing their day in court.

Everyone should remember that denial-of-service attacks are no laughing matter, and treated seriously by the authorities. If you participate in a DDoS attack, you could end up in jail.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

8 comments on “PhantomSquad threatens to take down Xbox Live and PSN this Christmas”

  1. Simon

    Perhaps PhantomSquad has is a hidden agenda; to encourage those wishing to play PS/Xbox games to instead spend more time with their families when the networks go down…

    1. Jared · in reply to Simon

      Not everyone has families.

  2. hmmm

    If they know of a vulnerability, why not tell everyone what it is in the tweet? Be a whistle-blower if you really care about the state of things. Threatening/acting by doing a DDoS seems be more out of anger. A DDoS against the only "real" consoles doesn't necessarily hurt the companies, as an alternative isn't available. What the DDoS really does is affect the users in this case. Unless it's done for a very long while.

    1. coyote · in reply to hmmm

      Anger? No. Making an intelligent point? No. Immaturity and stupidity? Absolutely yes.

  3. Michael

    How Fascinatingly misguided.
    I do appreciate the concerns that are being expressed about the lack of security and protection of personal data that these corporations may be exhibiting, however to do this on Christmas, which is a holiday about joy, cheer and CHILDREN seems epicly misguided. So, while they MAY hurt Microsoft and Sony, they WILL definitely hurt a lot of children whose big gift or perhaps only gift, given the cost, might be one of these consoles or a new game for one of them, many of which require the network to play or download. Very disappointing to hear that a group I would think is full of very intelligent individuals could not find a better way to make their point.

    1. coyote · in reply to Michael

      Anyone whose only attack is a DoS attack is clearly NOT intelligent. These are kids with nothing better to do. If they are legally of age they still aren't adults because they are very immature.

      No. These kids aren't intelligent; they're bloody stupid. That is *why* they do something like this to make a point – whatever that point might be. They aren't capable of doing it in an intelligent or clever way. Now maybe they are intelligence – but they aren't demonstrating it. Since that's all we know about them we can justify saying they aren't intelligent. Credit in an appropriate way where credit is due; credit them for being unimaginative and immature but they aren't doing anything intelligent here.

  4. coyote

    'No. PSN and Xbox don't use that money to improve their security… So until they open their eyes Xbox Live and PSN will remain vulnerable.'

    Of course they didn't. PSN and Xbox aren't corporations or people. Yet obviously having 'eyes closed' (as you put it) to a problem means you are vulnerable to it (including eyes closed to immature simpletons such as yourselves… yes, stupidity and immaturity are two dangerous things and together they are very potent as you intend on demonstrating). I'm sure it took a great amount of effort to work this out, didn't it? Perhaps a bit more work and you'll be ready for a degree in maths (I'm probably being too generous but I'll accept that I'm not perfect … unlike you). Yet you clearly have really low marks in something else – maturity. How utterly childish your actions are. I bet your parents are so very proud of you… of all the kinds of attacks you do the kind that takes no skill whatsoever… and you'd rather upset others than help them.

    Of course you would expect Sony and Microsoft to use the money to do things that normal decent corporations do – you know, pay their employees, create new products, offer support where they can (which they might have to offer more because you're childish enough to make what must certainly be an intelligible point by denying service to a network or two… it's just it won't get across to anyone except simpletons). I'm sure it is a shocking revelation but gaming consoles require games and games cost a lot of money to create. Clearly though that's the wrong approach.

    Keep your bullying up… hopefully one day you'll meet someone who is willing to fight back – and beat the crap out of you (something I'm sure all the people you will upset will believe you're very deserving of… and who can blame them ?).

  5. stu

    joy, cheer and CHILDREN

    What was Christmas about again?

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.