Americas Cardroom Continues Hunt, Contemplates Reward for DDOS Attacker

Updated: September 22nd, 2017 by Dev Ops

US-facing online poker site America’s Cardroom has resumed business as usual after a series of DDOS attacks just prior to the Labor Day weekend that crippled tourney operations and resulted in the cancellation of the last leg of ACR’s ongoing Online Super Series (OSS) Cub3d. However, as ACR has just resumed a new OSS Cub3d series, the hunt goes on for the DDOS attacker, who alleged while attempting to extort ACR a couple of weeks back that the attacks were being funded by a rival site.

That attack was the catalyst for Winning Poker Network Philip Nagy to rant publicly about the situation, including the possibility of a large reward — something on the order of 10 Bitcoin, or up to $50,000 — for the identity of the attacker. “I’m seriously considering offering a reward, 10 bitcoin or something really big to anyone who can bring me proof who has been ordering these attacks,” said Nagy, in a podcast about the attacks. Nagy also stressed that any reward would be paid only for information on already-concluded attacks, thus to not incentivize any further blackmail-type actions.

It was that attacker who logged on to ACR just prior to the repeated attacks, which intermittently spanned several days; the attacker posted information about the impending attacks just before releasing the DDOS (distributed denial of service) traffic floods.

Other ACR players challenged the attacker, with Nagy’s knowledge, wherein they received the startling response: “This is my job; another site gives me money to DDOS you.” The attacker offered no additional information as to this other site’s possible identity, though there are only a small number of sites that could truly reap gains from such orchestrated attacks on a rival… if indeed the attacker’s claim was true.

That said, it’s also true that the ACR and WPN have been targeted by more than the usual number of attacks since they began back in 2014. As Nagy said, in that heated podcast, “We had never received a DDOS attack before we announced our first Million in 2014 in December. For those of you who were there for that, you remember, we had to cancel that and refund it, because we suffered massive DDOS attacks, over and over again.Then we did it again in February, and overlaid a lot, paid everybody but made it through it.

“Ever since then, it seems like – and maybe it’s just because I’m sitting on this side of the desk – it seems like, we get DDOSed more than anybody else. I just don’t hear [about] it happening to anybody else. …”

That is indeed true. However, DDOS attacks have been a part of the online-gambling scene for at least a decade and a half. Though virtually every online form has been targeted over the years, it’s been an even larger problem for so-called “grey market” sites, meaning online sports-betting, poker, and casino-games sites that have served the giant US market from offshore homes.

The reasons for this are obvious: Not only can such attacks cause major disruptions (and loss of revenue), the victims have less legal recourse against the attackers. Traditionally, organized DDOS attacks for the purpose of blackmail originated from Russia and other eastern European countries, though in recent years, such activity (and the tools for committing these criminal attacks) have spread around the world via underground online channels.

There was even the episode of an ethically deficient HUNL player on a major international site who obtained the IP addresses of his rivals via Skype, then DDOS-ed them directly while playing them during big pots, thus forcing the other player offline and stealing the pots in large-pot hands.

If all shows that the tools to commit these attacks are widespread, and that a global crackdown of some sort is long overdue. That’s of scant consolation to independent operators such as WPN, however.

If there’s a silver lining to it, it’s that ACR and WPN acted in a forthright manner when the attacks occurred and the OSS Cub3d cancellation was forced upon them. All entries were refunded in accordance with WPN policy, and the network has bounced rigght back by launching a brand new OSS Cub3d series, the details of which we’ll have in an immediate-future post.

Comments are closed.