LulzSec takes down Minecraft on what they call "TitanicTakeoverTuesday"

After a busy day for Lulzsec, the hacking group have now set sail the Lulzboat and began to fire their Lul-cannons at Minecraft.

The group managed to take down: Minecraft servers, Escapist Magazine, EVE Online, FinFisher and Senate.gov all on the same day, and it appears the group shows no sign of stopping with their antics.

The group posted on their Twitter “Just sunk the Minecraft login server, looks like their website also got hit from overkill: minecraft.net not even firing at the site.”

For Minecraft users, it’s a sad day, and for Internet freedom, an even worse day. The inevitable outcome by governments to protect themselves and corporations from cyber-attacks will likely be reducing users' anonymity in hopes to reduce the number of cyber-attacks.

Russian Security Company, Kaspersky, has previously been quoted as saying "Everyone should and must have an identification, or internet passport. The internet was designed not for public use, but for American scientists and the US military. Then it was introduced to the public and it was wrong to introduce it in the same way." The quote could become a reality if the number attacks continue to grow with no real protective measures in place to protect such high value websites.

LulzSec later said via Twitter “Eve Online, Escapist Magazine and Minecraft are all down. We let Fin Fisher back up (30 minute temporary fire request completed!)” Followed by “Welcome to #TitanicTakeoverTuesday where everyone is laughing at crybabies getting Lulz Cannoned!”

The takedowns still appear to be a friendly joke to the group; however the victims certainly won’t be feeling the same way.

Report a problem with article
Previous Story

LulzSec hacks Escapist Magazine and EVE Online

Next Story

Rumor: Successor to Xbox 360 to debut at E3 2012

122 Comments

Commenting is disabled on this article.

Some people are missing the point, they arent exactly stealing private data, just showing of themselfs and in the process showing of the exploits those sites have. It's not like they are DoSsing those sites 24/7 like usually "war" is.

MidnightDevil said,
Some people are missing the point, they arent exactly stealing private data, just showing of themselfs and in the process showing of the exploits those sites have. It's not like they are DoSsing those sites 24/7 like usually "war" is.

lulsec keeps posting their found information all over the internet

Lulzsec needs to die. What did Minecraft do to deserve it? They are just hacking people for the sake of hacking now - it needs to stop. Hope they go to jail and get fined a bazillion dollars.

Im sick of hearing about this stupid game !

It always Minecraft this and minecraft that likes its the new benchmark for gaming
Take em down and keep em down for all i care

I am Not PCyr said,
Im sick of hearing about this stupid game !

It always Minecraft this and minecraft that likes its the new benchmark for gaming
Take em down and keep em down for all i care

yes, a game is too mainstream, totally worth doing serious harm to a companie's finances... and egging on the illegal access of the thousands of computers required to drop the mincraft servers. *sigh*

Mr. Black said,
OK this is f'ing stupid - why hack Minecraft?
They did NOTHING wrong...

None of the servers they have hacked have done anything wrong.

I think this is a "big brother" set up... These attacks are going to continue all over the world and justify a new internet ID law, this is the only way for the state to increase it's control over the people without a majority turning against them. Now you probably think I'm just a nutcase, that's fine, but spend just a minute or two thinking about whats going on all over the western civilized world, the governments are becoming more & more complete control freaks, they don't give a crap about the peoples opinions, the majority is unaware/or to lazy to care about what's going on, governments want to increase their power at all costs. Weird isn't it? Freedom is at stake.

I follow them on twitter and while I think sometimes taking someone down (like PSN) is good it just sounds like they are trying to get their name out there and looking for security jobs. Ive seen a few "hire this guy for security" tweets.

Hey I can see their point, internet is always asking for more security but lots of websites are just disregarding that, their actions will enforce security on website

but for gods sake whyyyyyy minecraft >_<

Midnight Mick said,
You wait, Steam will be next...

I think Steam would have been targeted before now if they were able to. I certainly hope not as Steam is the service I currently use and have actually bought games from besides Amazon.

Conspiracy. The governments are going to use this and other such acts as justify locking down the internet. Wouldn't be surprised if years from now we found out that government agencies did this on purpose.

Its all very convenient considering the powers that be are pushing laws to control the 'wild west' that is the internet.

Harsesis said,
Conspiracy. The governments are going to use this and other such acts as justify locking down the internet. Wouldn't be surprised if years from now we found out that government agencies did this on purpose.

Its all very convenient considering the powers that be are pushing laws to control the 'wild west' that is the internet.


That doesn't make any sense. How is it, when they first got started, they were clearly just a group of immature hackers. But now that they're going to far, it's clearly a government conspiracy?

Is it just too hard to accept that there's a group of douchebags on the internet? If you seriously think our governments are this clever and capable and able to orchestrate large-scale mass attacks from around the globe without a hiccup, then how can anybody think at the same time that the governments are too inept to govern? Clearly they're smarter than the rest of us if they're pulling off all of these conspiracies, and people that smart ought to be left in charge.

Harsesis said,
Conspiracy. The governments are going to use this and other such acts as justify locking down the internet. Wouldn't be surprised if years from now we found out that government agencies did this on purpose.

Its all very convenient considering the powers that be are pushing laws to control the 'wild west' that is the internet.

...conspiracy, lol. I'm sure these well known groups would love to be taking credit for a govt job aimed at further restricting their "hobbies". right.

For Minecraft users, it's a sad day, and for Internet freedom, an even worse day. The inevitable outcome by governments to protect themselves and corporations from cyber-attacks will likely be reducing users' anonymity in hopes to reduce the number of cyber-attacks.
Which will inevitably force internet users to take further steps to protect their anonymity. Politicians really have no idea when it comes to some things, IT being one of them.

"The takedowns still appear to be a friendly joke to the group".
Neowin seems to be enjoying this hell... Let's see if they'll say this "appears to be a friendly joke" when LulzSec take Neowin down...
Crimes are crimes, no matter if it looks "funny". Anyway, i don't see anything funny in this group...

yowan said,
League of Legends login servers down
Probably not the hacking group.....LoL usually goes down every Tuesday for updates (including the free champions of the week changes).

Too bad these kiddies only know how toe exploit zero day expoits and DDoS.... not even true hackers finding the holes themselves....

Stewart Gilligan Griffin said,
Too bad these kiddies only know how toe exploit zero day expoits and DDoS.... not even true hackers finding the holes themselves....

That may not be true... Why work more when you don't have to?

Stewart Gilligan Griffin said,
Too bad these kiddies only know how toe exploit zero day expoits and DDoS.... not even true hackers finding the holes themselves....

You're missing the point, Lulzsec are showing people that sites have security issues. Not really the immediate hack of getting into the site, but more so about what the company does about hackers getting into their sites.

Yes, they might use 0day exploits and no the site admins can't really stop them at times, however what happens once the hackers are in the network is a whole different kettle of fish.

Machines that are hosting public websites should not have customer data easily accessible, and for sure should not have it all laid out unencrypted for easy pickings. More so, like the recent blink hack, the admins should be able to monitor their servers not have hackers in there for over a month doing what ever they want, mapping their network out with ssh on other server etc. Tripwire setups should have gone off way way before then.

sagum said,

You're missing the point, Lulzsec are showing people that sites have security issues. Not really the immediate hack of getting into the site, but more so about what the company does about hackers getting into their sites.

THERE IS AN ENTIRE INDUSTRY BUILT AROUND DOING THIS LEGITMETLY. THIS IS HAPPENING CONSTANTLY AT ALL TIMES WITHOUT SOME DICKS ON THE INTERNET GETTING THEIR ROFLS OFF ON IT. They are not vigilantist heroes, they're idiots that have control of a couple of botnets and openly documented exploits found by real gray/blackhats and they're edging ever closer to cyber terrorists as they target financial and government sites

AgentGray said,

THERE IS AN ENTIRE INDUSTRY BUILT AROUND DOING THIS LEGITMETLY. THIS IS HAPPENING CONSTANTLY AT ALL TIMES WITHOUT SOME DICKS ON THE INTERNET GETTING THEIR ROFLS OFF ON IT. They are not vigilantist heroes, they're idiots that have control of a couple of botnets and openly documented exploits found by real gray/blackhats and they're edging ever closer to cyber terrorists as they target financial and government sites

Obviously THAT industry isn't working.

As you said, any idiot can go and find the open documents on the exploits and hack into these websites where the idiots can find details, not limited to account names and passwords. Why?

Because the site admin's aren't following up on security notices that get put up on several security bug watch mailing lists. Not only that, but these same admins who the public trust with their personal details don't seemingly care what happens to information about us if they did get 0day exploited/hacked. No defense is enforced once a hacker gets onto the server, passwords at the very least should be encrypted!

When you have a company the size of Sony, or banks such as Citi group who should based on their profit margins and size, know full well that they need to get a industry known security expert to check over their network every day at least. Instead they run with the money.

Maybe, just maybe other internet based sites will be reviewing their security, and the staff they employ.

At least Lulzsec do make it public that they've hacked sites, in the past a company would be redfaced and cover it up, its estimated that upto 80% of companies don't report any hacks on their network. THAT alone should make you very very worried.

I despair of people laughing at this. As a hoster who has had servers hacked there is nothing laughable, some people can't imagine the stress it causes, you can spend years building it up and someone decides to trash something just for jollys, they really are scum and anyone who finds it funny deserves to be on the recieving end.

Yeah but it's like laughing at the Darwin Awards. Most people in there had a family at the funeral, but you just don't care until it happens to you.

Hacking = gaining unauthorised access, no? I don't see your point, if one person can do something, anyone can do it.

xendrome said,
The thing is, they aren't "hacking" anything TBH, they are exploiting exploits... which anyone can do...

They aren't really exploiting anything here but limited server resources

Well, by saying the 'lulzcannon' I assume they mean DDoS, they have never said they were hacking the sites.

Exploiting exploits is hacking, if there wasn't any exploits, how would people gain unauthorised access? Other than using social engineering.

ApuBo said,
Lol in coments Sethos88 requests that Neowin.net shall be their next target xD or mess with.

Lol.

Starting to think these hacking are consipracy... so that they can have reason to invoke the internet identity protocol

k33nz said,
Starting to think these hacking are consipracy... so that they can have reason to invoke the internet identity protocol

tbh with you I believe it to be more true than ever.

k33nz said,
Starting to think these hacking are consipracy... so that they can have reason to invoke the internet identity protocol

mass panic!!!

prez. obama gonna shutdown the internet in
6...... 5....4...3......2....!!!!!

Ahem. I don't think I'll be taking advice as neutral and in my best interest from someone who's entire business model is centered on selling security products.

epk said,
Love the comment from Kaspersky, basically saying "this is why we can't have nice things"

Hehe...I didn't look at it that way until you posted you comment, now it is all I can see!

NightSt@lk3r said,
I see a Lulziceberg on the horizon for the Lulzboat.

Thinking more of a LulzTASM (Tomahawk Anti Ship Missile)...

They made me LOL, not directly though. I've read this on a site, about their "hacking" of Minecraft:

"Post by Barrock (1,268 posts)
Online Now

Really wish someone who could actually hack would hack them back. Hacker on hacker action would be hot.
"

That sounds so... gay! Hacking, it seems, can turn sites off and people on! LOL

Ulyses said,
They made me LOL, not directly though. I've read this on a site, about their "hacking" of Minecraft:

"Post by Barrock (1,268 posts)
Online Now

Really wish someone who could actually hack would hack them back. Hacker on hacker action would be hot.
"

That sounds so... gay! Hacking, it seems, can turn sites off and people on! LOL


anon might have to do something like this. anon (at one point) did things correctly (such as the Sony incident). Their name is being hurt with this group.

I might not have explained myself correctly or some may simply not want to see that point of view.

Stewart Gilligan Griffin said,

Eh they are a bunch of pansies, they'd never go after a site like this or even a place like Apple...

Yet they went after Senate.gov....

smooth_criminal1990 said,
FFS this is just getting tiresome now.
In some respects yes. But it is quite funny that we leave our sensitive information with various companies trusting their lies about how secure our data is when a "bunch of spotty teenagers" can get at it... leaves food for thought

smooth_criminal1990 said,
FFS this is just getting tiresome now.
In some respects yes. But it is quite funny that we leave our sensitive information with various companies trusting their lies about how secure our data is when a "bunch of spotty teenagers" can get at it... leaves food for thought

Panda X said,
These people have to have no friends at all. I find it funny how pathetic they are.

Well, some people just can't be social and get a life outside of a computer. They are rejected by society and shelter themselves in their homes with nothing more than computers. What else do you expect from them? They need to feel special someway.

Panda X said,
These people have to have no friends at all. I find it funny how pathetic they are.

Yes. They just another fat nerds trying to make internet friends.

Lucas said,

Well, some people just can't be social and get a life outside of a computer. They are rejected by society and shelter themselves in their homes with nothing more than computers. What else do you expect from them? They need to feel special someway.

That's what World of Warcraft is for.

Panda X said,
These people have to have no friends at all. I find it funny how pathetic they are.

With other words, idiotic teenagers with inattention

Lucas said,

Well, some people just can't be social and get a life outside of a computer. They are rejected by society and shelter themselves in their homes with nothing more than computers. What else do you expect from them? They need to feel special someway.

You just described me

Most likely they aren't that good.

It's probably a bug on a sever OS or web server version, or a router's software version they exploit, making it look like they actually can do anything.

I would look to what those sites they attack have in common, hardware or software. I bet they only have so many tricks up their sleeves.

Ulyses said,
Most likely they aren't that good.

It's probably a bug on a sever OS or web server version, or a router's software version they exploit, making it look like they actually can do anything.

I would look to what those sites they attack have in common, hardware or software. I bet they only have so many tricks up their sleeves.


apache auth digest 0day.

Vegetunks said,
LulzSec, Nice one, my other-halfs Eight Year Old is now upset he can't get on Minecraft.

Be truthfull, it's you whose upset

Vegetunks said,
LulzSec, Nice one, my other-halfs Eight Year Old is now upset he can't get on Minecraft.
Eight years old? Not to old for a slap then.

Vegetunks said,
LulzSec, Nice one, my other-halfs Eight Year Old is now upset he can't get on Minecraft.

So these idiots are now directly attacking the fun of children. They're showing less intelligence than those children now.

Vegetunks said,
LulzSec, Nice one, my other-halfs Eight Year Old is now upset he can't get on Minecraft.

Aww bless - these guys are just pure nit-wits. Anon, I can understand reasoning behind some of their attacks and agree with some of them but these guys are morons. Ruining people source of entertainment and disturbing the peace.

Lulzsec's primary means of access is an Apache 0day. Also, one of their primary members works for a Tier 1 ISP, thus giving him privileged access to some high level routers/customer information.

ChuckFinley said,
Lulzsec's primary means of access is an Apache 0day.

So can we stop all the trolls about Windows being a lot more insecure than linux now? Old trolls are old.

Anthonyd said,

So can we stop all the trolls about Windows being a lot more insecure than linux now? Old trolls are old.

He didn't say anything about Windows or Linux... Apache is server software, it runs on Windows, Linux, Mac, BSD and multiple other platforms.

nb; Are trolls really trolling themselfs these days?

ChuckFinley said,
Lulzsec's primary means of access is an Apache 0day. Also, one of their primary members works for a Tier 1 ISP, thus giving him privileged access to some high level routers/customer information.
How do you know they have someone working for a Tier 1 ISP? Speculation or fact? Link?

ChuckFinley said,
Lulzsec's primary means of access is an Apache 0day. Also, one of their primary members works for a Tier 1 ISP, thus giving him privileged access to some high level routers/customer information.
How do you know they have someone working for a Tier 1 ISP? Speculation or fact? Link?

wouldn't it be better if these servers were more secure. All I am getting from this madness is that these sites/servers should have been more secure. Nothing more, nothing less, but it is definitely hilarious how they can just take servers down

firebelly said,
wouldn't it be better if these servers were more secure. All I am getting from this madness is that these sites/servers should have been more secure. Nothing more, nothing less, but it is definitely hilarious how they can just take servers down

A DDoS is not really a security problem, they are basically flooding the site with a bunch of requests from a bunch of locations. The only way to protect against them is to have backup servers and a lot of serving capacity

Sraf said,

A DDoS is not really a security problem, they are basically flooding the site with a bunch of requests from a bunch of locations. The only way to protect against them is to have backup servers and a lot of serving capacity

DDoS is very very much a real security problem.

With tools such as LOIC that anonymous uses, anyone can take part in taking down a website or service by downloading the problem and 'opting' in.

However, the DDoS that Lulzsec are doing goes way above and behond simple Opt-In.

What Lulzsec are showing here is their raw power of botnet (I assume multiple) they have control of. Something that in recent months Microsoft and the American goverment have been excited about claiming to have uncoverd and taken control of the domains uses to control the botnet.

Zombie machines are usually part of bigger Botnets and most of the computers are infected with some trojan (windows) or have been rooted (linux) and infected, eitherway the machines have and still do suffer from quite bad security themselfs.

If company networks followed up on things like patch tuesday for microsoft windows, kept their linux boxes uptoday, didn't have poorly written websites and services we wouldn't see a large amount of the zombie machines that are participating in these DDoS attacks.

Not only that, but people who have counterfit versions of Windows installed, and/or whos users won't update them in fear of being caught or can't because of windows genuine advantage checks are morelikly to have trojans sitting on their machines waiting to join in the DDoS attacks too.

So yes, DDoS attacks are very much about security.

In the past these types of botnets would have been more comonly used for things like captcha processing or spamming email, or mass account creation on certain sites. DDoS efforts would be generally targeted at other hackers or people that would 'get in the way'... and while actual websites and services would be targeted their downtime due to DDoS would not be reported in the media much in the same way hacked sites would get swept under the carpet.

Do not fall in the trap of thinking its their fault for your game servers going down, while it is them setting the DDoS target, its unsecure (ie machines with Security issues) that are the problem. Whine about that to the government, make companies face fines for Zombie machiens on their networks, have users internet connections removed with '3 strikes' for failing to secure their connection.
Otherwise if we just assume its Lulzsec's fault (they've just brought the underground in to the public eye) we're going to have government trying to censor us and push us into corners while the real hackers will be running around under the radar doing what they like still.

By hacking things like Eve Online and Minecraft they are just turning everyone against them.

I'm going to laugh when they get caught (and they will), and I hope they rot in prison.

TRC said,
By hacking things like Eve Online and Minecraft they are just turning everyone against them.

I'm going to laugh when they get caught (and they will), and I hope they rot in prison.

Yea I gotta agree, why those two?

TRC said,
By hacking things like Eve Online and Minecraft they are just turning everyone against them.

I'm going to laugh when they get caught (and they will), and I hope they rot in prison.

If whatever country they are in cares that is... I am fairly certain that they are from China or something. No one sane in the US would hack the Senate and the Feds

Phil DeLong said,

Yea I gotta agree, why those two?

Indeed. I don't see what "just because we can" does to legitimately help anyone anywhere.

xendrome said,

Because those sites had open exploits... easiest targets..

I totally agree with you, they didn't choose their target specially, that's why the Eve Online and Minecraft where hacked. There isn't any particular reason.

rajputwarrior said,

this answer wins!

It's true as well. These guys aren't in it for picking sides or supporting some form of cause, they're doing it for the hell of it.

"Because he thought it was good sport. Because some men aren't looking for anything logical, like money. They can't be bought, bullied, reasoned or negotiated with. Some men just want to watch the world burn"

TRC said,
By hacking things like Eve Online and Minecraft they are just turning everyone against them.

I'm going to laugh when they get caught (and they will), and I hope they rot in prison.

What exactly they have to win if they get YOU in their side? Why they must care who is with them and who isn't ? If you get in their side, do you think it will help 'em somehow? Will you protest for them to avoid the jail? ha.

Majesticmerc said,

It's true as well. These guys aren't in it for picking sides or supporting some form of cause, they're doing it for the hell of it.

"Because he thought it was good sport. Because some men aren't looking for anything logical, like money. They can't be bought, bullied, reasoned or negotiated with. Some men just want to watch the world burn"


nice alfred quote

Deo Domuique said,

What exactly they have to win if they get YOU in their side? Why they must care who is with them and who isn't ? If you get in their side, do you think it will help 'em somehow? Will you protest for them to avoid the jail? ha.

They want the community to look up to them as some kind of vigilante heroes, that's why they keep claiming their doing this to fight against government corruption. If the entire community and even anonymous think they are a bunch of stupid d****bags it's not going to be as much fun for them because they aren't robin hoods anymore, they're just criminal scum.

I see these sheeples reading about Lulzsec and afraid of what their government will to do them...just pathetic really. The U.S 'supposedly' have the most freedom in the world and people are afraid of their government? It doesn't seem like a democracy republic to me.

I fail to see how an 'internet passport' would even stop these determined Lulzsec. If the U.S passes such a law, it would only be valid in the U.S networks. Would the U.S isolate themselves from the "world wide web" as it was meant to be? The U.S should not be stupid enough to do such a thing. If anyone connect the the network outside of the U.S, they can still target those security weaknesses. The only people affected by such a law are the people living there, and that would be too bad for them if they allow their crooks senators and congressmen to control information flow. I don't think people want different internets. There should only be one internet, one world wide web.

I don't like what Lulsecz is doing, hacking randomly without purpose it seems. I'm probably not surprise Lulzsec splitted out of Anon to make names for themselves. Which led me to believe Anon is co-opted by the fbi, which would love to have their agenda of "internet passport" realized. If you're a midsize/big company, you should already be practicing security safety and hire white hats to protect your company data. They have the obligation to protect their customers data.

Edited by flexkeyboard, Jun 14 2011, 7:43pm :

Are you kidding? Not something you'll need to worry about, the US will end in about three months anyway if these politicians who "serve the people" can't get their **** together.