Industry News

World of Warcraft’s suspected DDoS attacker has been arrested

World of Warcraft's suspected DDoS attacker has been arrested

Blizzard, the developers of World of Warcraft Classic, has revealed that a person suspected of orchestrating a disruptive Distributed Denial of Service (DDoS) attack against the games’ servers has been arrested.

In a Blizzard forum post, community manager Kaivax told players that the suspected perpetrator had been identified and arrested.

“Immediately after the Distributed Denial of Service attacks against our game service began, the Blizzard Security Team worked around the clock with local and international law enforcement agencies to track down the source of the DDoS. It is our understanding that, within a few days, authorities were able to successfully identify and arrest a suspect.”

Blizzard shared no details related to the identity of the person arrested, or which country they were based in.

What we do know, however, is that Blizzard’s customer service team confirmed that its servers were under attack on September 7th, trying the patience of some players who found themselves unexpectedly disconnected from the game and unable to reconnect.

Overwatch was also reportedly affected by the DDoS attack, with some users being booted out of games and finding themselves unable to log back in.

At the time, a Twitter account calling itself UKDrillas claimed responsibility for the attack against Blizzard as well as a DDoS attack which briefly overloaded Wikipedia. Prior to Twitter disabling its account, UKDrillas posted a series of tweets bragging about its attacks.

Clues left by UKDrillas – and they go beyond the fact they have “UK” in their account handle – strongly suggest that whoever was behind the account (and thus likely to responsible for the DDoS attacks) is based in the United Kingdom.

If Blizzard is right and police have arrested the person responsible for the DDoS attacks against World of Warcraft Classic then I certainly wouldn’t want to be wearing the suspect’s shoes.

Many DDoS attacks are not particularly sophisticated, and can be perpetrated by maliciously-minded gamers showing off to their buddies with relative ease. But the financial damage and inconvenience caused by a DDoS attack can be considerable, and in the past has sometimes resulted in the perpetrators being imprisoned for multiple years.

You may think it’s easy to do. You may think it’s funny. You may think it’s unlikely that you will ever be identified and brought to justice. But, if you are caught and found guilty, there’s a chance that the sentence you receive will cast a shadow over the rest of your life.

You will have plenty of time to consider whether it was really worth it. Don’t do it.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.