National Crime Agency
Printable version

Operation Vivarium targets users of Lizard Squad’s website attack tool

Six people have been arrested in the UK as part of an operation targeting users of hacking group Lizard Squad’s Lizard Stresser tool, software that allowed users to pay to take websites offline for up to eight hours at a time.

The tool worked by using  Distributed Denial of Service (DDoS) attacks, which flood web servers or websites with massive amounts of data, leaving them  inaccessible to users.

Operation Vivarium was coordinated by the National Crime Agency (NCA), and involved officers from various police forces and Regional Organised Crime Units (ROCUs).

Those arrested are suspected of maliciously deploying Lizard Stresser, having bought the tool using alternative payment services such as Bitcoin in a bid to remain anonymous. Organisations believed to have been targeted by the suspects include a leading national newspaper, a school, gaming companies and a number of online retailers.

The warrants executed this week included:

  • A 17 year-old male from Manchester had computer equipment seized and was interviewed under caution by the NCA’s National Cyber Crime Unit (NCCU) on 27 August.
  • A 18 year-old-male from Huddersfield arrested and bailed on 27 August by Yorkshire and Humberside police.
  • A 18 year-old-male from Milton Keynes interviewed under caution by the South East ROCU on 26 August.
  • A 18 year-old male from Manchester arrested and bailed by North West ROCU and Greater Manchester Police on 26 August.
  • A 16 year-old male from Northampton arrested and bailed by East Midlands ROCU on 26 August.
  • A 15 year-old male from Stockport arrested by the North West ROCU and Greater Manchester Police on 24 August.

Two other suspected users of Lizard Stresser were arrested earlier this year:

  • A 17 year-old male from Cardiff arrested and bailed by South Wales ROCU and NCCU on 16 April.
  • A 17 year-old male from Northolt arrested and bailed by the Metropolitan Police on 03 March.

Officers are also visiting approximately 50 addresses linked to individuals registered on the Lizard Stresser website, but who are not currently believed to have carried out attacks.

A third of the individuals identified are under the age of 20, and the activity forms part of the NCA’s wider work to address younger people at risk of entering into serious forms of cyber crime.

Those receiving visits will be told that DDoS attacks are illegal, can prevent individuals from accessing vital online services, and can  cause significant financial and reputational damage to businesses. They will also be informed that committing cyber crime can result in severe restrictions on their freedom, access to the internet, digital devices and future career prospects.

Tony Adams, Head of Investigations at the NCA’s National Cyber Crime Unit:

“By paying a comparatively small fee, tools like Lizard Stresser can cripple businesses financially and deprive people of access to important information and public services.

“This multi-agency operation illustrates the commitment of the NCA and its partners to pursuing people who think they can criminally disrupt important public services or legitimate businesses.”  

“One of our key priorities is to engage with those on the fringes of cyber criminality, to help them understand the consequences of cyber crime and how they can channel their abilities into productive and lucrative legitimate careers.” 

With approximately 30% of UK businesses reporting that they’ve suffered a DDoS attack in the last year, the NCA and its partners continue to remind businesses to take steps to protect themselves. The government’s Cyber Essentials Scheme provides guidance on how to guard against and mitigate threats from cyber crime. Further advice on staying safe online can be found on and


Channel website:

Share this article

Latest News from
National Crime Agency