Upon waking this morning many Xbox gamers found themselves unable to log-in, starting at approximately 6am EDT today. Microsoft is working on the problem and says that it has restored most of the systems, but account log-in issues may still pervade the system. According to the Microsoft Xbox status page that some services are still ‘Limited’ at time of writing.

The down time affected a multitude of systems including Xbox One and Xbox 360 and other devices. The trouble started with the Xbox Core services, but quickly spread to services such as Netflix, On Demand, and YouTube.

The website Paradiger reports that a “greyhat” hacker group has taken credit for the downtime on Twitter. The group, going by the Twitter moniker @TeamBudyBear, claims the same sort of philosophical “activism” as Lizard Squad and LulzSec by taking down the service to prove that it’s insecure.

“We’re doing these attacks to show everyone how bad big company’s care about security,” the Internet mayhem crew wrote in a new-deleted tweet. “We as teenagers know how to fix their servers.Pathetic.”

The hacker group further claims that the attack took place via getting root at the main DNS for Xbox Live and then using an NTP flood. In 2014 Network Time Protocol (NTP) floods have been increasingly used to amplify attacks to increase the effectiveness of smaller distributed denial of service (DDoS) attack infrastructures. DDoS mitigation service Black Lotus reported some of the largest DDoS attacks used NTP to escalate attacks in 2014.

The DDoS attack claim is unsophisticated and relies on very little technical knowledge. In fact, Lizard Squad currently sells DDoS-for-hire services that have in the past taken the Xbox Live network offline, as seen during the Christmas Day Siege of Xbox Live.

However, the claim of getting DNS root could be more meaningful. So far Microsoft has not commented on the nature of the attack beyond status updates as to returning services to normal.

Gaming services an increasing target of hackers

The 2010’s have seen quite a few hacker groups take up DDoS attacks to disrupt gaming services—examples include LulzSec, DerpTrolling, and Lizard Squad. The action of a DDoS attack is not very sophisticated and simply relies upon sending an overwhelming amount of data at the target as to knock it offline.

Gaming services such as Xbox Live and League of Legends are vulnerable to attack because they must be open to the public, in order for players to play on their systems, and also commonly run at near capacity during popular times. Adding a flood of garbage data on top of already existing load can usually topple these networks.

These attacks are relatively easy, highly disruptive, and picked up quickly by the gaming media and thus provide a platform to add credibility and celebrity to Internet mayhem groups.