Two teenagers face charges from the U.S. Justice Department for allegedly being members of well-known hacking groups Lizard Squad and PoodleCorp.
On Thursday (Oct. 6), Krebs on Security reported that the pair have been charged with credit card theft and operating services that enabled paying customers to launch cyberattacks with the intention of knocking websites offline.
The two 19-year-olds, Zachary Buchta and Bradley Jan Willem van Rooy, are believed to have conspired to cause damage to protected computers.
“The charges are the result of an international investigation into the computer hacking groups ‘Lizard Squad’ and ‘PoodleCorp,’ according to a criminal complaint and affidavit filed in U.S. District Court in Chicago,” a statement from the U.S. Attorney’s Office for the Northern District of Illinois said.
“Buchta and van Rooy allegedly conspired with others to launch destructive cyberattacks around the world and trafficked payment accounts that had been stolen from unsuspecting victims in Illinois and elsewhere,” it continued.
Last year, the U.K.’s National Crime Agency (NCA) arrested six teenagers for allegedly attempting to access a tool used by the Lizard Squad hacker group. Just days after those arrests were made, the NCA itself was taken down by a targeted cyberattack.
The NCA’s website was down for more than an hour and was the target of a distributed denial-of-service (DDoS) attack. In DDoS attacks, hackers bombard a targeted website with an overflow of data, eventually causing the entire network to crash.
Lizard Squad took to Twitter shortly after the attack to take credit for the site shutdown.
The group also gained press last year for supposedly launching a new business venture that allows anyone to join its security-breaching ways for a low cost of $6 a month.
The subscription service known as LizardStresser allows subscribers to obtain a distributed denial-of-service attack tool.
“This booter is famous for taking down some of the world’s largest gaming networks, such as Xbox Live, Playstation Network, Jagex, BattleNet, League of Legends and many more!” the LizardStresser homepage boasted at the time. “With this stresser, you wield the power to launch some of the world’s largest denial-of-service attacks.”