Pokemon GO Server Issues Over the Weekend May Have Been a DDoS Attack

ffronw

I am a meat popsicle
Oct 24, 2013
2,804
0
0
Pokemon GO Server Issues Over the Weekend May Have Been a DDoS Attack

//cdn.themis-media.com/media/global/images/library/deriv/1336/1336941.jpgA hacker group has claimed responsibility for this weekend's server downtime in Pokemon GO.

If you were frustrated with the downtime in Pokemon GO this past weekend, you may have a hacker group to blame. There were restored early Sunday morning [https://www.vg247.com/2016/07/16/pokemon-go-servers-still-suffering-outage/].

A hacker group called OurMine claims that it was behind the downtime. The group told TechCrunch [https://techcrunch.com/2016/07/17/ourmine-attacks-pokemon-go-servers/] that they wouldn't stop the DDoS until someone from Niantic contacted them. The group posted on their website, saying, "No one will be able to play this game till Pokemon Go contact us on our website to teach them how to protect it!"

OurMine said that they were a trio of teenagers who was trying to spread the word about security. They explained that the reason they carry out DDoS attacks on game servers was that, "We don't want other hackers attack their servers, so we should protect their servers." But OurMine isn't the only group claiming responsibility. Another group called PoodleCorp also claimed responsibility [https://twitter.com/PoodleCorp/status/754298236093857792].

Niantic hasn't admitted that anything oput of the ordinary caused the downtime, so this could be a case of hackers taking credit for something purely for publicity purposes. Of course, it could also be a case of the company not wanting to admit they've suffered an attack.

Either way, there have certainly been some downtime issues with Pokemon GO. Here's hoping that the servers are a bit more robust as the game rolls out in more countries.

Permalink
 

Fappy

\[T]/
Jan 4, 2010
12,010
0
41
Country
United States
Considering how the servers have been behaving already, I highly doubt it was an attack. Also consider the game launched in 20-something countries that same day...
 

Scarim Coral

Jumped the ship
Legacy
Oct 29, 2010
18,157
2
3
Country
UK
While their intention is good but it still kinda a dick moves. In saying so however the server is weak at best.
 

weirdee

Swamp Weather Balloon Gas
Apr 11, 2011
2,634
0
0
Hard to tell. It's like somebody trying to destroy an ocean by peeing in it.
 

Lasse Christiansen

New member
Apr 28, 2016
2
0
0
If these guys are so bored that they want to ruin peoples good time then why dont they play the game they are trying to destroy instead?
 

Lasse Christiansen

New member
Apr 28, 2016
2
0
0
Also Escapist should not have reported this story. These guys want attention and they just gave it to them. There isnt even proof these idiots did it. The server would have crashed anyway, hell i can crash it just by catching a pidgey. Buttomline PoodleCorp try hacking something that matters!
 

Rituro

Critwrencha
Sep 18, 2008
151
0
0
Somehow I think the reported 47mil people in the login queue had more to do with the server issues than alleged hackers.
 

Headsprouter

Monster Befriender
Legacy
Nov 19, 2010
8,662
3
43
OurMine also reports that their senior member's dad's uncle's sister's cousin's dog-sitter works for Niantic, and they told him that...
 

Keoul

New member
Apr 4, 2010
1,579
0
0
Obvious attention seekers
"We don't want other hackers attack their servers, so we should protect their servers."

Protect it by attacking it what?
 

Shymer

New member
Feb 23, 2011
312
0
0
Hello. I work in the DDoS mitigation business.

We have seen several groups claim responsibility for poor server performance of Pokemon Go. Whether you designed the platform, secured it, or attacked it, that's not something to be proud of. The gaming sector is the primary target of DDoS attacks and the more high profile the target, the more likely it will be hit by someone trying to make a name for themselves - and the more flies gather after the event. The attacks on PSN and XBox Live over Christmas 2014 were specifically to market a criminal group's DDoS attack capabilities - the motivation was not altruistic - it was financial. Alleged members of the group then appeared on BBC radio (and ended up in court).

A 'big bang' launch of a popular web application such as these invariably has early performance issues. The companies always want their initial costs to stay low until demand is proven and seldom build infrastructure assuming a massive customer take-up. The advent of cloud computing services from Amazon, Microsoft and others has provided tools to build an enormous amount of elasticity into a web platform. DDoS mitigation services are readily available as well as load and DDoS testing services.

DDoS mitigation is expensive to deploy - hundreds of thousands of pounds per data centre - and companies often make a risk calculation based on expected loss if the service is down for a short while. It doesn't always indicate weak security if a server is downed by a DDoS - simply a risk calculation that the cost of outage is lower than the ongoing cost of mitigation. DDoS is a tax on certain types of web business. A growing number of DDoS attacks are apparently being used to mask other kinds of hacking or data exfiltration - but sometimes it's hard to tell the difference between badly designed server performance, brute force hacking and DDoS. Sometimes companies have not invested in the technology and services to be able to detect and diagnose these issues.

Anyway - successful web application has poor performance at launch - "I did that" claims someone. golfclap.
 

Infernal Lawyer

New member
Jan 28, 2013
611
0
0
Keoul said:
Obvious attention seekers
"We don't want other hackers attack their servers, so we should protect their servers."

Protect it by attacking it what?
At best it's an underhanded way of asking someone to give you a job.

At worst it's blatant attention seeking. Which it certainly looks like considering multiple people are claiming responsibility (well, it's hardly impossible that multiple people came up with the same idea at the same time, but still).
 

Fensfield

New member
Nov 4, 2009
421
0
0
... How do you bring attention to a security issue with a DDoS attack? Those things are blunt instruments only defeated by disproportionately strong networking hardware, aren't they?