America's Cardroom DDos Attacks ACR

Americas Cardroom DDoS Attacks Continue

Between 27 April and 5 May, Americas Cardroom (ACR) informed its subscribers multiple times that it was undergoing a sustained series of Distributed Denial of Service (DDoS) attacks.

These attacks caused the site to cancel tournaments, refund entry fees, and divert resources toward addressing and mitigating the problem. These Americas Cardroom DDoS attacks date back to December 2014—and more frequently since December, 2017—and it appears that ACR has no solution to this recurring problem.

Americas Cardroom (ACR) is one of the oldest online poker sites in the U.S. Founded in 2001 as part of the Yatahay Poker Network, in 2012, the network rebranded itself as the Winning Poker Network (WPN), and ACR was subsequently relaunched. WPN has landed in the top-ten of online poker sites in terms of traffic per PokerScout, making it an attractive target.

While a single DDoS attack would wreak extreme havoc, imagine what a series of attacks would do. Take a look at the problems ACR has been facing.

Americas Cardroom DDoS attacks: What’s really happening?

A DDoS attack occurs when bad actors attempt to make an online service unavailable by flooding, overloading, and overwhelming it with traffic from various multiple sources. Consequently, the network becomes unavailable to its intended users, thus affecting business.

There are several motivations for DDoS attacks. Among the most common are revenge, activism, blackmail, and for financial gain. Oftentimes attackers will ask for a ransom—recently, Bitcoin is a popular ransom. In this case, ACR stated that it is their policy “to never pay ransom regardless of the cost, as [they] will never give in to cyber terrorism.”

Whereas ACR was initially deemed too small to be an attractive target, because it has recently filled a grey market space in the online poker industry, it has since become an attractive one. A grey market is a jurisdiction in which the legality of Internet gaming operations has not been definitively regulated, whereas a black market is one in which legislation exists to actively enforce laws that prohibit online gaming such as the Unlawful Internet Gambling Enforcement Act (UIGEA) and Illegal Gambling Business Act (IGBA.)

Whether extortion is the driving force behind these Americas Cardroom DDoS attacks is yet to be seen. WPN CEO Phil Nagy believes that a rival site may be behind the ACR attacks; however, his allegations remain unproven. Back in September 2017, ACR sustained 26 separate DDoS attacks over a three-day period that severely crippled the network. At that time, Nagy stated that he was told that a rival poker room was responsible for the attacks but wouldn’t offer any insight as to who that might be. If you’ve got 20 minutes to kill—and the desire to watch—here is Nagy discussing the DDoS attacks.

What is ACR saying about it?

Americas Cardroom DDoS

During the most recent series of Americas Cardroom DDoS attacks, ACR took to Twitter to inform followers that it was under another sustained DDOS attacks that forced the site to cancel several scheduled tournaments—including its wildly popular Million Dollar Sunday scheduled for 29 April—and refund players their entry fees.

Particularly worrisome is that WPN seems to have accepted—and resigned itself to the fact—that DDoS attacks will remain a regular occurrence. In fact, on an ACR blog dated 27 April, the writer stated:

This isn’t the first time we’ve experienced these attacks, and we’re sure it won’t be the last.

Note: Want to upgrade your poker skills? Get free preflop charts and start playing like a pro before the flop.

Conspiracy theories from the depths of social media

There are many on Twitter who have expressed their own disgust with ACR’s seeming ineptitude to protect its site against repeated attacks and have notated that said attacks tend to occur at the same time as certain high-stakes tournaments—far more than could be a coincidence.

Many players have legitimate concerns.

Here is a particularly scathing dig.

And another.

ACR’s support appears to be waning.

One Reddit user expressed his skepticism with Americas Cardroom DDoS attacks given that the site apparently had a scheduled maintenance for the morning of 29 April when the attacks commenced.

And, of course, the Twittersphere chimed in.

So, Now What?

These are, indeed, legitimate concerns. Many companies have faced DDoS attacks and have mitigated the dangers accordingly. Why ACR suffers so many—and their timing—raises serious questions to address.

In addition to frequent DDoS attacks, ACR has faced other accusations. Poker personality Joe Ingram expressed his own suspicions about possible cheating at ACR, levying accusations regarding bots and superusers, as well as suspicious activity and win rates among certain screen names.

At that time ACR did admit it closed a “tournament registration loophole” and banned those who exploited it.

When one adds these frequent DDoS attacks among the cheating and bot allegations, ACR certainly has some explaining to do.

What are your thoughts on the Americas Cardroom DDoS attacks? Please chime in below.

Until next time.

Note: Want to upgrade your poker skills? Get free preflop charts and start playing like a pro before the flop.

Read more from Upswing Poker:
Home > Americas Cardroom DDoS Attacks Continue
Home > Americas Cardroom DDoS Attacks Continue
About the Author
Natalie Faulk

Natalie Faulk

Natalie Faulk is a Las Vegas-based freelance writer/blogger and the author of several books. She is an avid low-stakes (for now) poker player and huge Vegas Golden Knights fan.

Put Your Skills to the Test with Quick Poker Quizzes!