Americas Cardroom Still Suffering From DDoS AttacksMay 1, 2018 11:26 am
Last Tuesday, US-facing poker site Americas Cardroom (ACR) was targeted by a distributed denial of service (DDoS) attack which crippled the site’s traffic, ultimately leading to a cancellation of the tournaments it was running at the time.
After working to resolve the issue, another cyber attack was then launched against ACR on Sunday, meaning that for the past week the site has been forced to cancel its tournaments, while players have been unable to access their accounts.
A quick glance at the poker room’s twitter page indicates that the situation is still very far from being resolved, and as its latest series of tweets posted 12 hours ago reads:
“We are having a new DDoS attack, all tournaments have been paused while our techs work in order to mitigate it,” which was followed an hour later by a tweet stating “We are cancelling and refunding the tournaments according to our Terms and conditions.”
Spate of Attacks
In September 2017, ACR was hit with a similar DDoS attack that caused a major disruption to its tournaments and cash games, and left players disconnected from the site for days. At this point, it is unclear whether the party/parties behind the latest attack are connected to previous attempts, but once again their launch was timed to coincide with prime time traffic, and one of ACR’s highest-profile tournaments, in the latest instance involving the MDS (“Million Dollar Sundays”) tourney, which offers a guaranteed prize pool of $1 million.
Gambling Sites Increasingly Targeted
DDoS attacks are often launched by cyber criminals in order to extort money from sites in exchange for making the problem go away, with Bitcoin having become one of their preferred methods of payment in recent times. Since such attacks were first launched in the early 2000’s, the online gambling industry has been one of the markets most severely targeted, with ACR becoming an increasingly attractive focus of their attention as it makes ground in the USA’s grey-market vacuum.
In fact, the first DDoS attack made against ACR and the Winning Poker Network (WPN) it runs upon started in December of 2014. Nevertheless, extortion may not have been the main driving force behind the attacks, which makes sense when one considers that ACR apparently has a policy of refusing to pay any ransom to be left alone, preferring instead to mitigate the situation themselves.
Reason Behind Attack
After last September’s attack on the site, WPN CEO Philip Nagy uploaded a YouTube video in which he asserts that some of the attacks may have been orchestrated by rival sites looking to disrupt ACR and WPN’s traffic. At the time, Nagy even indicated that he may be prepared to offer a sizeable reward to anyone able to provide proof as to the identity of the attackers, writing:
“I’m seriously considering offering a reward, 10 Bitcoin or something.. something really big to anyone who can give me proof of who has been ordering these attacks.”
Meanwhile, ACR has stated that its DDoS mitigation team was “working around the clock” to halt the cyber terrorists, and that they would be continuing to “work tirelessly until all systems are online.” The statement also assured its customers that full refunds would be issued for all tournaments and games that have been made unplayable, but also warned that the site’s tournament schedule may have to be cancelled while it gains “full control of the situation”.
The ongoing DDoS attack is the latest in a line of bad publicity to hit Americas Cardroom. In 2017, for instance, disgruntled customers complained about delayed payments involving bitcoin transfers and withdrawals. In 2018, podcaster Joe Ingram subsequently warned players that the site was rife with poker bots and cheaters, and in March Two Plus Two Publishing removed all Americas Cardroom advertising from its forums.