Microsoft is investigating reports of a “booting service” that’s apparently being used by sore losers on Xbox Live to flood other gamers off the service.
Hackers discover the IP address of players on Xbox Live and then use essentially the same tools and techniques that have been used against websites for years to hit them with floods of data that force them off the network, according to Chris Boyd of Facetime Communications. “There’s been a definite increase in the amount of people talking about and distributing these things over the last three to four weeks,” he said. “They get your IP address, put it in the booter tool and they attempt to flood the port that uses Xbox traffic. Flooding that port prevents any traffic getting out.”
Boyd said the hardest part of the attack is discovering a user’s IP address. Some users connect their Xbox 360 consoles to their PC and use packet sniffing software to seek out IPs, while others use “con tricks” to convince their targets to reveal the addresses themselves. People who have mastered the art of screwing things up for others are now even advertising their services over Live; for about $20 some hackers will access a “customer’s” PC and install the system so it can be run whenever it’s needed and for “low rates” will even set up a botnet to make the flooding more effective. A BBC report says the services are particularly popular with people looking for payback against players who have beaten them in online games.
“The smart thing about these Xbox tools is that they do not attack the Xbox Live network itself,” Boyd said. But while that may make it more difficult to track offenders, Microsoft was very clear that it won’t protect them when they’re discovered. “We are investigating reports involving the use of malicious software tools that an attacker could use to try and disrupt an Xbox LIVE player’s internet connection,” the company said.
“This problem is not related to the Xbox Live service, but to the player’s internet connection. The attacker could also attempt [to] disrupt other internet activities, such as streaming video or web browsing, using the same tools,” the statement continued. “This malicious activity violates the Xbox Live Terms of Use, and will result in a ban from Xbox Live and other appropriate action.”