The popular online games provider Steam, owned by Valve Software, went offline for several hours today, suspected to be due to a distributed denial of service attack (DDOS).
We’re following the action on Twitter.
We actually want to do some gaming. Working long hours we haven’t had much time recently. So at 16:30 CET today we logged on to Steam. Not having logged on for a few weeks we needed to download some updates – which broke at 16:33 telling us Steam was offline.
Naturally the error message, coming from a billion-dollar global corporation that likes to track everything gamers do online, blamed us. We tweeted @steam_games in a manner to preclude this excuse, and did not expect to get a response.
— skankworks (@TheSkankworks) December 23, 2016
We didn’t. Niether did millions of other gamers worldwide. The outage is global and complete.
A group of apparantly loosely-connected individuals have claimed responsibility on Twitter, and are demanding thousands of retweets and follows before they will stop. Demands that ever increase in size as initial targets are reached. As tends to happen when you pay blackmailers – they simply ask for more.
First of all they want 100 reweets:
— Phantom Squad (@PhantomNations) December 23, 2016
Which quickly became a demand for 50,000 follows. Some of these tweets have since been deleted, hence the lack of formatting in some of our embeds.
Here’s a couple of background-info tweets.
The FBI just came to my school and pulled me out of class…. wtf im worried
— crip (@cripthepoodle) October 5, 2016
As most of you saw I was arrested by the FBI a couple hours ago and they seized all my stuff…. this is goodbye pic.twitter.com/xmDALg8Uri
— crip (@cripthepoodle) October 6, 2016
That was several months ago, and a Christmas response was promised:
December 25th is the day I return to cause chaos on gaming networks… stay tuned
— crip (@cripthepoodle) November 3, 2016
A short while ago a member, or perhaps associate of the group, was doxed (along with George Soros, as it happens):
— skankworks (@TheSkankworks) December 23, 2016
That dox, for as long as it remains active, was principly aimed at the hacker alias Star Patrol (his account was deleted from Twitter an hour or so ago), but also contains personal information on George Soros (we do not copy personal info on this site, so if you want it grab it from pastebin before it disappears).
Some of the accounts involved, or at least claiming to be involved, have already been banned from Twitter (extortion being against the EULA) and the remaining individuals have prepared back-up accounts in readiness.
Given the global effectiveness of the attack we are presuming some variant of the Mirai Botnet is involved.
The perpertrators themselves appear to have no political motivations. It appears to be just a bit of fun to them. We note some similarities with the LulzSec attacks of 2011, but it would be imprudent to mention those in detail at this stage.
We feel that the root cause is the domination of Internet services by a few billion-dollar companies who have reduced the peer-to-peer Internet to an out-moded client-server model for their own gain. By dominating markets, monopolizing them one should say, they leverage more income by selling information that they have gathered on us to marketers, advertisers, and spooks. Whether it’s facebook, google, microsoft, apple, or games distributors, the only way that we can ever get stability and security online is to break-up these companies.
We don’t need them. They cost us a fortune. They make us vulnerable, and as the recent “fakenews” bruhaha shows, they wish to censor the information we receive and control our opinions.
There will always be attacks on the Internet. Just as there will be car theives and home invaders. If it was not Phantom Squad, if indeed it is them, then it would be somebody else conducting such attacks. Why? Because they can. It’s a challenge, and when they ruin the evenings of millions of people worldwide they get their 15 minutes of fame that Andy Warhol promised us all.
When we concentrate services into corporate behemoths concerned only with profits and evading tax on them, these attacks will continue to affect millions. When we have governments who are interested only in leveraging the data-gathering capabilities of such companies in order to spy on us all, in case any of us ever find out what they are up to, there is little chance of any action being taken.
The Internet is not a safe-space. Stop expecting it to be, and think about how you are going to protect yourself. Because facebook, your President, or anybody else doesn’t give a damn.
We will update this page with more info as it arrives, but unlike irresponsible sites such as Krebs on Security, we will not be giving out people’s names or trying to pre-empt law enforcement.
Steam servers are currently coming back online, but we can expect a heavy user load for the next few hours. Likely followed by more attacks over the next few days.
A rival group have promised revenge on Phantom Squad. We’ll keep you posted.
— R.I.P Phantom Squad (@PhaggotNations) December 23, 2016
The Phantom Squad accounts have been suspended from Twitter, as we expected them to be. But they are already back with new accounts (the names of which we will not reveal at this time).
Our plan is to do a self-DOS and steam down the pub.
Update 28th December 2016
The doxing of Phantom Squad is in progress. Reported by a Twitter @coldcimo. The claim is that Steam was down due to an overload of pre-Christmas shoppers at the online sales, which was falasely claimed to be a DDOS by the squad.
Meanwhile, why not consider buying some BitCoin? Hard currency, free from corporate and banking control:
Follow @theSkankworks on Twitter