DDoS attacker who targeted Steam, Sony and Electronic Arts pleads guilty

DerpTrolling 'brains' Austin Thompson faces up to ten years in prison over DDoS campaign

A 23-year-old from Utah has pleaded guilty to launching distributed denial of service (DDoS) attacks on a number of popular gaming services in 2013 and 2014.

Charged with causing Damage to a Protected Computing, Austin Thompson targeted Valve Software's Steam, the most popular PC gaming portal, as well as Electronic Arts' Origin service and the Sony Playstation network.

In December 2013, Thompson was able to marshall sufficient traffic to overload the servers supporting the games League of Legends, DoTA 2 and Blizzard's Battle.net gaming platform.

It is believed that Thompson launched the attacks as part of a campaign against Twitch gaming streamer James Varga, aka ‘Phantoml0rd'.

"Thompson typically used the Twitter account @DerpTrolling to announce that an attack was imminent and then posted screenshots or other photos showing that victims' servers had been taken down after the attack. The attacks took down game servers and related computers around the world, often for hours at a time," the US Attorney's Office for the Southern District of California claimed.

The plea agreement claims that Thompson's actions caused at least $95,000 in damages.

Thompson will be sentenced on 1 March 2019. He faces a maximum penalty of ten years in prison, a $250,000 fine and three years of supervised release.

Thompson is believed to have been the ‘brains' behind the hacking group called DerpTrolling, active since 2011, writing the software it used to launch the DDoS attacks. But he doesn't appear to have done a very good job of covering his tracks, with his name being leaked in 2014, after which it appears that he was quickly apprehended by law enforcement.

Gaming networks were subjected to a number of DDoS attacks at the time, not all of them due to Thompson and the DerpTrolling hacking group.

IT security failings are, increasingly, costing CISOs, CIOs and CEOs their jobs.

With business utterly dependent on IT, it's not enough for senior executives to dismiss security as ‘techie stuff'. At Computing's Enterprise Security & Risk Management Live event, hear from the National Crime Agency, ex-hackers and big-business CISOs to learn about how they are tackling cyber security.

For more information, check out the dedicated event website. Attendance is FREE to IT leaders and senior IT pros.