It took a while, but a DDoS attacker responsible for bringing down game sites has finally been brought to justice.
The 23 year-old Utah resident, Austin Thompson, pleaded guilty on November 6 in a San Diego Federal court to knowingly causing damage to third-party computers.
Thompson went on a spree in December 2013 and January 2014 under the Twitter handle @DerpTrolling. He allegedly used the Low Orbit Ion Cannon (LOIC) denial of service tool to hit servers owned by EA, Steam and Sony Online Entertainment. His attacks also affected Blizzard’s Battle.net system.
Thompson caused $95,000 in damage, according to the US Attorney’s Office for the District of Southern California, where Sony Entertainment is based. He is said to have used his Twitter account to announce the attacks.
On Twitter, which he joined in 2011, he often referred to DerpTrolling as a group, but there are no other defendants in his case.
He annoyed others enough that they doxxed him, posting what they claimed were his personal details online. However, he appears to have continued tweeting until August 14 2016, when he went quiet for 18 months. He came back in January 2018 for a day and then disappeared for good.
At the time, DerpTrolling told online video gaming channel #DramaAlert that he was supporting a gaming streamer who had egged him on. He would also respond to requests suggesting targets.
He will be sentenced on March 1, 2019, and faces a potential 10 years in prison and a fine of up to $250,000.
Said US attorney Adam Braverman:
Denial-of-service attacks cost businesses millions of dollars annually. We are committed to finding and prosecuting those who disrupt businesses, often for nothing more than ego.
Thompson isn’t the only person to have launched attacks against game servers. Around the same time as his attacks, two other Twitter users claimed responsibility for attacks against Steam.
A group of gaming grinches called Lizard Squad took down servers on Christmas day 2014, stopping countless kids setting up their new consoles “to amuse ourselves”. They were arrested almost two years later for running a DDoS-for-hire service.