A recurring nightmare of sorts has returned over at the Winning Poker Network and its flagship site, America’s Cardroom (ACR), where the early events of the just-underway OSS Cub3d series have been plagued by another wave of distributed denial of service (DDoS) attacks.
The attacks have already forced the cancellation of several early events in the first leg of the OSS Cubed series, the “MOSS” (Mini Online Super Series), which attempted to get underway on August 5. Several recent OSS Cub3d series at ACR have been disrupted by the DDoS attacks, which are the largest recurring series the site and its parent network offer.
As reported by ACR on its Twitter feed, here’s how this latest wave of DDoS attacks unfolded:
We’re currently experiencing technical issues. All tournaments have been paused and techs are working on it. Thanks for your patience.
— Americas Cardroom (@ACR_POKER) August 5, 2018
We’re currently experiencing a DDoS attack. All tournaments have been paused and techs are working in order to mitigate it. Apologies for the inconvenience and thanks for your patience.
— Americas Cardroom (@ACR_POKER) August 5, 2018
Tournaments have been cancelled and refunded as per our terms and conditions
— Americas Cardroom (@ACR_POKER) August 5, 2018
Update: attacker has initiated another DDoS attack, the techs are working on it
— Americas Cardroom (@ACR_POKER) August 5, 2018
Due to DDoS attacks on August 5th we were forced to cancel MOSS events 1, 2, and 3. We will be rescheduling these events next Sunday, August 12th at 1:00pm ET, 11:00am ET, and 3pm ET respectively. We apologize for the inconvenience. pic.twitter.com/VXLbaaZHYQ
— Americas Cardroom (@ACR_POKER) August 5, 2018
Due to a new DDoS attack we have paused all tournaments. Our techs are working in order to mitigate the attack. Apologies for the inconvenience
— Americas Cardroom (@ACR_POKER) August 5, 2018
We experiencing another DDoS attack, our techs are working on order to mitigate it. All tournaments have been paused. Apologies for the inconvenience
— Americas Cardroom (@ACR_POKER) August 6, 2018
We are working on mitigate the DDoS attack. All tournaments have been paused
— Americas Cardroom (@ACR_POKER) August 6, 2018
Attack has been mitigated. All tournaments have resume game play
— Americas Cardroom (@ACR_POKER) August 6, 2018
a new DDoS attack has started, our techs are mitigating the attack. All tournaments have been paused.
— Americas Cardroom (@ACR_POKER) August 7, 2018
Update: All paused tournaments have been cancelled and refunded as per our terms and conditions. Apologies for the inconvenience.
— Americas Cardroom (@ACR_POKER) August 7, 2018
Time banks have been reset and tournaments will resume shortly
— Americas Cardroom (@ACR_POKER) August 7, 2018
We are pausing tournaments as we are being attacked. Apologies for the inconvenience
— Americas Cardroom (@ACR_POKER) August 8, 2018
As you are aware we are experiencing a DDOS attack. We have now mitigated this attack. We will resume once we see players retaking their seats. We sincerely apologize for the inconvenience.
— Americas Cardroom (@ACR_POKER) August 8, 2018
America’s Cardroom and the Winning Poker Network have remained adamant in not paying the demanded blackmail from the attacker or attackers, though neither entity has issued an official statement on these attacks beyond the brief social-media posts. Last year, amid one of the waves, a DDoS attacker posted in a table-chat window on ACR as he began the attacks, and also alleged that he was launching the attacks on behalf of an unnamed rival site in order to damage ACR’s and WPN’s business.
Those allegations remain unconfirmed, and other than for launching in-house, technical mitigation efforts – such as quickly identfying and blocking the domain addresses associated with devices included in the attacks — there’s little else ACR can do. As a grey-market site largely serving the majority of US states where online poker isn’t strictly illegal to play but also hasn’t been formally authorized and regulated, ACR and WPN have no national or international authority to whom they can plead to for assistance, despite the blatantly illegal nature of the DDoS attacks. Grey-market (“offshore”) online gambling sites have been a preferred target of online extortionists for the better part of two decades for precisely that reason.
