DDOS Attacks Shake Up Xbox Live Stability, Prevents Users From Accessing Content

Things have been a little rocky over on Xbox Live recently. Though things seem to have stabilized for now, over the last week or so Xbox One users have been reporting a wide range of issues, none of which sound very pleasant to deal with. According to tips sent in (and a whole lot of frustrated posts on social media and gaming forums), this instability has made it impossible to consistently play multiplayer games online, buy new content from the Xbox Live store, and even launch digital (single-player) games. Yes, that means that if you bought Halo 5 digitally, there's a chance that you wouldn't be able to launch it. It gets even worse: At least some users have been unable to play DVDs and Blu-rays on the system.

While setting the Xbox One to "offline mode" should remedy many of these errors, I've also seen reports from people that insist that the problems remain even after they do this. If I'm being totally honest here: It's a real mess. When we tried to test things out here, everything worked fine--but that doesn't mean that other people haven't been dealing with problems for the last week. It makes this all very hard to investigate.

The problems seem to have been caused by a series of Distributed Denial of Service (DDoS) attacks orchestrated by a group called New World Hackers. In an interview with Newsweek, a representative of the group lays out their motives:

We attacked Xbox to protest. Major companies like this have massive servers but no real protection. We want Xbox to update the protection they have, which isn’t much. ... [The Xbox attacks] also prove we do have as much power as we say we do, going out to the doubters. [We could] honestly knock Xbox off the face of the Earth.

I'm not sure that the altruistic front half of that statement aligns with the braggadocios back half, nor with the attacks themselves, which haven't seemingly demonstrated any novel security failings on the part of Microsoft's servers,just the standard susceptibility to DDoSing. That said, the official Xbox Support Twitter account did just tweet vaguely about "charges going through incorrectly" on user accounts, so maybe there is something else going on, too.

Regardless of the causes of the recent instability, the Xbox Live Status page currently shows all green and another tweet from the Xbox Support account says that things should be back to normal. But given the way that things have been going so far this week, I'm not quite ready to give an all clear.

I experienced downage for netflix last night alone. but otherwise all my content was available and I could play mp games without issue. It would be awful to not be able to play MY GAMES for days though..

i haven't been able to play the trackmania beta :(

Can we just stop being idiots and DDOSing things? Please?

I think WE can. Its the assholes that cant.

I'm confused and maybe someone can help clarify. A DDOS attack has very little to do with the security of the server correct? Couldn't you DDOS and shut down any publicly accessible server?

Bummer for anyone affected but I've been playing Rocket League and watching Netflix all week with no issues. The worst I got was the store page was blank last night.

I wasn't able to start Rise of The Tomb Raider for a few days last week, though it's a physical copy. I wonder if this had anything to do with it?

I feel like these sorts of hacktivists would be better off doing something other than causing some minor inconveniences for one video game console. I'm sure it sucks for anyone effected by it. I just don't buy that this people are doing it for altruistic means. Though I'm just hearing about this now.

This was happening to me last night, pretty annoying. I actually got into a game of Halo 5 and couldn't access my rec packs, I was running around for more than half of two games with a pistol and a AR.

@finaldasa: Yes, DDOS attacks don't always need vulnerabilities to target, they can be as simple as just blasting a ton of traffic to drown out legitimate users.

Yesterday evening (EST) was pretty terrible, but most of my friends could access games/streaming services after trying repeated times. However, I wanted to prepurchase and download PvZ GW2, but I couldn't do that until about 2 hours ago today. The purchasing servers were hosed.

"New World Hackers" Yeah, ok. Surprised they didn't sign off with "hack the planet"

There's no protection against ddos short of having way more servers than are actually necessary so what are they trying to prove?

I was locked out of my digital games last night for roughly ten minutes. Everything worked fine after that. I thought it was a simple server quirk at the time. *shrugs*

Script kiddies suck.

@finaldasa: Basically yeah. If you examine the network traffic and you're suddenly getting a spike from a specific IP range you could filter that out but with groups like these they're usually using botnets so there's no simple way to cordon that traffic off.

To put it simply, a DDOS attack is about overloading the capacity for the server to handle requests. Think of a server like a restaurant. It has a finite number of workers at any given time to handle the guests that come in. For times like lunch or dinner, they may schedule more staff to handle the additional load. When a DDOS attack happens, the restaurant is suddenly inundated with guests several orders of magnitude than what they are equipped to handle. They have physical limitations on the amount of guests they can serve at once. Servers have similar limitations as well.

@officer_falcon: Ok that's pretty much what I understood. So how could a DDOS reveal any security flaws like this hacker group claims?

I love when hackers try to have some moral reasoning and then are just total dicks like you'd assume a hacker would be. Nice to have it all in one statement, like Austin says, as if those two jive.

While setting the Xbox One to "offline mode"

Remember when it wasn't going to have that?

@grimreefz: the part that was the worst was starting up a show on hulu get to the opening and then it would go to the dashboard and say to insert a disc for hulu if i had one. games reacted the same way, too so I thought itwas fixed only to be dissapointed later.

I was having problems launching a Blu-Ray disc last night. a F'ING BLU-RAY DISC. It would launch, then stop and say something went wrong, or that it was taking too long to load. I eventually kept trying it and it launched, but WHAT THE HELL.

Just glad they decided to be annoying after the Division beta was already over. I didn't run into any issues with that after the first day.

I've been going all digital this generation and last night made me seriously rethink the decision. I was locked out from EVERYTHING on my Xbox One (games, Netflix, blu-ray player, etc.) when I was connected to XBL. I switched to offline mode and could play single player games, but all the saves from my games are cloud-based apparently, so it appeared as if I'd never played the game before (at least for Wolfenstein). It sucked, as most of what I've been playing lately are online-connected games like Halo 5 and Elite: Dangerous, which was a no-go all night.

I was unable to play Rocket League last night for a couple hours. So I played World of Tanks instead. Everything else I tried seemed to be working fine.

@finaldasa: I don't know of how a DDOS by itself would be a way to reveal security flaws. Unless their method of DDOS is being done by exploiting some other vulnerability already. (see NTP server misuse and abuse)

Usually the only options to deal with a DDOS is to either purchase more equipment to handle the increased load or to wait it out until the attacker gets bored. Both are costly options for any target.

Weird. I've been using it all week without a hiccup. Had no idea anything was going on.

@officer_falcon: Ah ok. Thanks for the info!

@finaldasa: There's ways to deal with DDoS attacks. They're expensive but I'm sure Microsoft can afford it. Basically they're just massive servers at the door that eat bad packets and let good ones through.

@edgework: Would you need something like that if there weren't groups conducting DDOS attacks?

@finaldasa: Probably not. Though there are DDoSs that originate from bugs not malicious intent but that's the exception.

I'm in England and had this issue last night. Netflix stopped working after it finished the episode we were watching (X-Files cliffhanger!) YouTube & Just Cause 3 wouldn't open either. Nothing would launch. Didn't know about the 'offline mode' workaround to try it out. How is that the fix?!?

ahaha love this.

I would guess it hasn't been timed to coincide but it happens that MS have been advertising hard for maybe a week now claiming that their 'cloud' helps them track and combat such things.

@finaldasa: I wrote a blog explaing how DDoS attacks work if you're interested in the concepts behind them. A true, brute-force DDoS attack doesn't really expose any flaws in server security by itself since it just floods the ordinary channels of internet traffic with way more requests than normal. There are some craftier versions like the one @officer_falcon pointed out that can be the result of server config issues. But for the most part, DDoS attacks to large corporations just prove that the attackers have access to a botnet.

I suppose a DDoS attack could cause a server to do something wonky under all of that load, but that would be an odd case.

Man this seems like a shitty situation. Hope it gets sorted out quick!

Also: @austin_walker. "It gets even worse: At least some users have been unable to play DVDs and Blu-rays own the system." 'Own' should be 'on', should it not? Thanks for the scoops, duder!

Weirdly has this post been attacked? Had to get in through the forum as from the main homepage it's a 404?! CHEMTRAILS

@austin_walker

"At least some users have been unable to play DVDs and Blu-rays own the system." Typo?

Also, great. DDOS attacks have always been and will continue to be some real script kiddie tier shit. They've always been frustrating to deal with, but the fact that people build up this ego about it like they're doing something righteous or skillful is just the wooooorst.

The only thing I noticed was ads not popping up on the dash (thanks, guys) and also that my fucking pins are stored server side. That last one is being addressed in an update, apparently. Anyway, nothing warms my heart like seeing these kids in handcuffs. So, at least I have something to look forward to now.

This hasn't affected my ability to play my digital games (which is ALL my games) thank god (which it shouldn't if you're playing on your "home" console), but it certainly is annoying, and fucks up game standby/resume for games that try to connect to Xbox Live automatically (even ones like Rise of the Tomb Raider which has superfluous leaderboards for campaign levels).

There are ads on the main/home screen on the Xbox one? Are you a gold subscriber? What type of ads are they (content/apps in the store or Slim Jim, Toyota lifestyle ads?)

I don't have an Xbox One nor have I had more than 1-2 hours at most of first hand experience....

I still feel like DDOS-ing a site is not a way to expose security flaws. The thing you're exposing is that the servers are not flexible enough to reroute traffic and upscale the amount of bandwith they can handle. This doesn't seem to have anything to do with security to me.

Glad to see that subscription money continue to be almost worthless since they continue to have these bullshit issues. I rarely turn on my console because I use PC but of course the one time I go on to watch the new X-Files season the whole system is on goddamn fire.

Fuck you, MS. Your security cloud commercials are lies!

@austin_walker I fear that we may have hit a hack within a hack here. Hear me out: Remember when Lizard Squad said they were offering a DDoS service for people to use against whoever they ponied up the cash against? I would bet money that these so-called hackers just rang up Lizard Squad and bought some of that service to use against MS. Have we hit a Hack Inception here or something? True, I have nothing to base that assumption on, but it seems like something people would do just "for the lulz" without having to put much effort in themselves.

@kmg90: I am Gold, and it's nothing too bad. Most people probably don't register them as ads. They're usually stuff like "Watch Major Nelson talk about this console bundle" or something. It's not like 360 where you'd get car ads. Still, it's clutter, and for a system with a lot of buried functionality, it'd be nice if that space was used to make some things more forward facing.

Just checking, is this a joke post?

I love that a group wants to highlight issues by performing these attacks, but I'm really curious about what the solutions would be. I'm sure that it would involve users paying MORE than the $60 annually they already pay.

Except a DDOS attack doesn't really expose a vulnerability.

@jigglemaster7: I support this. Too fucking funny.

Hyperbolic but I'm serious. This is the second time this month. The online services in the past couple days were a nightmare with unbelievable error prompts (insert disc when trying to goddamn stream some X-Files). MS has been making a push (at least more so on the advertising side) that they are a security powerhouse through their cloud resources...well I just don't see it.

Wonder if the issues will persist for a few weeks like the PSN hacks a couple of years ago. ( Maybe DDoS attacks are different?)

@finaldasa: Yes, but there are ways to specifically better help protect yourselves against DDOS attacks in cases.

Congratulations hackers. You've used your talents to act like total D-bags.