The cyber criminal ecosystem is a very complex environment to monitor and analyze, many events occurred in the cyberspace seemingly unrelated, instead are connected by a thin line. This is the case of the recent attack against the Sony Pictures, the company was targeted by a group named itself GOP (Guardians of Peace) and according to The Washington Post the hackers used a set of data that came from the Lizard Squad hacking team, whose members are all based in European nations.
The Lizard Squad is the group of hacker that several times hit popular gaming networks of Sony and Microsoft, in the Christmas day the hackers brought down the Play Station Network and the Xbox live service.
In an interview with The Washington Post, a self-proclaimed Lizard Squad member revealed that the group had given stolen data to the Guardians of Peace. The man is the same that released another interview to the BBC last week and if its version is true, it is the first time that the two groups are linked in the cyber criminal scenario and the theory of the attack by North Korea falters.
The man explained the Lizard Squad had contact with GoP, but despite the hacking team shared data used in the attack against Sony Pictures, the Lizard Squad members did not play a crucial role in the offensive against the Sony.
Below an excerpt of the interview:
Some reports suggest you’ve got links to Guardians of Peace, and possibly to the Islamic State. Can you talk about that for a minute?
Well, we do know some people from the gop. We do not have any links to the IS.
But you didn’t work with Guardians of Peace to breach Sony’s network and gain access to the e-mails, etc.? In other words, you know some people but weren’t involved in the Sony hack surrounding ‘The Interview’?
Well, we didn’t play a large part in that.
What part did you play?
We handed over some Sony employee logins to them. For the initial hack.
The Lizard Squad member confirmed that his team “handed over some Sony employee logins” that were used by GoP to target the Sony Pictures.
Is is possible that the GOP is linked to the North Korea?
The declarations of the Lizard Squad member seem to exonerate the North Korea, unless the hypothesis formulated by Reuters is true. The Reuters news agency reported that US investigators speculated that the Government of Pyongyang “contracted out” some of the work involved, a circumstance that could explain the involvement of the Lizard Squad.
“U.S. investigators believe that North Korea likely hired hackers from outside the country to help with last month’s massive cyberattack against Sony Pictures, an official close to the investigation said on Monday.
As North Korea lacks the capability to conduct some elements of the sophisticated campaign by itself, U.S. investigators are looking at the possibility that Pyongyang “contracted out” some of the cyber work, according to the official, who was not authorized to speak on the record about the investigation.” states a blog post published by the Reuters.
The Lizard Squad spokesperson did not provide details on how the group gathered the login information for Sony employees, it is likely the team has found the data during a reconnaissance for an attack on the PlayStation gaming network.
I suggest you the reading of the interview because it includes many other interesting details on the operations of the Lizard Squad.
(Security Affairs – Lizard Squad, GoP)