Poker tournaments disrupted after DDoS attacks on Americas Cardroom

Last year in September Americas Cardroom (ACR), a popular online poker site and its Winning Poker Network (WPN) suffered a series of massive DDoS attacks forcing the company to pause all of its ongoing tournaments – In that attack, unknown attackers demanded a ransom from the company in order to stop attacking their servers

Now, it has happened again. On April 24th, 2018, a series of non-stop DDoS attacks hit America’s Cardroom which continued till May 1st. According to a series of tweets from ACR’s Twitter account, its website will go under scheduled maintenance from 7-10 am ET on Tuesday but a later tweet the same day revealed ACR is under a DDoS attack forcing it to pause all running tournaments.

The tweet caused outrage among many players and some also asked for refunds for the day’s tournaments. Some users accused ACR of lying about the DDoS attacks. Nevertheless, the attacks continued the next day (25th April) when a new tweet from ACR said that it is canceling all paused tournaments and players will be refunded accordingly.

Poker tournaments disrupted after DDoS attacks on Americas Cardroom
Americas Cardroom is silently deleting its tweets about the DDoS attacks therefore here is one of the screenshots taken from the deleted tweet.

The very same day there was a little pause in the attack allowing the company to resume its service, however, on 26th April, ACR came up with another tweet stating that they have been facing a new series of DDoS attacks and all running tournaments have been paused. Additionally, later that day the company canceled all paused tournaments once again.

Poker tournaments disrupted after DDoS attacks on Americas Cardroom
Americas Cardroom is silently deleting its tweets about the DDoS attacks therefore here is another screenshot taken from the deleted tweet.

On April 27th, ACR apologized for the inconvenience caused by “massive DDoS attack” and suspended gameplay. On the same day, the company announced canceling of all events until 8:00 pm ET meanwhile its tech team tried mitigating the DDoS attacks. However, the unknown attackers kept targeting ACR till 28th April pushing it to cancel all events for the day.

On 29th April, at 2:10 AM, ACR tweeted that DDoS attacks have been mitigated and all tournaments are up and running but little did they know, the attacks hit the tournaments at 4:18 AM. “We are experiencing a new DDOS attack, our techs are working to mitigate it however we have paused all running tournaments,” tweeted ACR.

The DDoS attack continued the whole day forcing ACR to cancel its MDS (“Million Dollar Sundays”) tournament “to ensure a fair gameplay environment for all players.” 

What is worse for players is that from April 30th to May 1st, ACR kept tweeting about the non-stop DDoS attacks, canceling and refunding the tournaments. This means the attackers ruined the whole week for players.

At the time of publishing this article, there were no new tweets or update from ACR. However, its official website ( was still offline which leads to the conclusion that they are still facing DDoS attacks.

Although it is unclear who is behind these massive and non-stop DDoS attacks, it is a fact that cyber attacks against the gaming industry are surging. A few days ago, the world’s largest DDoS-for-hire platform was shut down and its administrators were arrested. The platform was also used to carry cyber attacks on gaming and other high-profile industries.


If you are running a business; do not forget to calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

Image credit: Depositphotos


Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.