A spate of internet hacking during the New Year period – including an attack on Skype by hacker group the Syrian Electronic Army, and another on social media photo sharing app Snapchat by website SnapchatDB – demonstrates the emergence of a new phase in hacking wars: corporate greed and hubris as the target, with a dose of social disruption.

One such incident occurred on December 30, when hacker group DERP targeted games played by Twitch live streamer James Varga, who goes by the handle PhantomL0rd.

(Twitch allows the gaming community to broadcast live video of games they are playing, to watch others play and to chat in real time. Watching the streaming of games is not so different from watching sport on television.)

Wikimedia Commons

DERP targeted PhantomL0rd, the most popular gamer streaming at that moment in time, so they could gain instant public exposure.

In a display of technological prowess, they serially brought down the online servers of games that he was playing, including League of Legends, Battle.net, EA.Com and Disney’s Club Penguin.

Creating a game within a game

PhantomL0rd engaged in the play, acting as a conduit between the hackers and the gaming community. As he changed games he participated in a contest with the hackers, in a sense egging them on, while impacting hundreds of thousands of other players.

He passed on questions from his audience about DERP’s intentions and capacity to shut down big companies such as Google and Facebook. The reply from DERP indicated they wanted to frustrate “money-hungry” companies such as Electronic Arts (better known as EA Games).

In a modern-day technological twist, the streaming audience became participants in a game within a game when the hackers challenged PhantomL0rd to win the multiplayer online Defense of the Ancients (DOTA 2) match he was playing at that time, or they would bring down the server.

Eventually, DERP took down the Defense of the Ancients server by distributed denial of server (DDOS) attack (bombarding the server with information and eventually disabling it), while tweeting to PhantomL0rd:

Twitter

This was a win-win situation for the hackers and PhantomL0rd. The hackers had direct access to an international audience and their presence grew this audience exponentially. In three hours, PhantomL0rd’s personal stream increased from his usual numbers of between 5,000 to 15,000 viewers to a record 155,000 – the largest personal streaming audience recorded.

For PhantomL0rd there was financial reward as well as recognition. As the audience grew, so did the US$4.99 monthly subscriptions for PhantomL0rd’s stream.

Capitalising on the situation, PhantomL0rd turned on the subscriber-only mode, which meant that the only way to participate in the conversation via chat was to pay the subscription fee. This enraged someone in the audience, who retaliated by hacking and releasing PhantomL0rd’s personal information, leaving him vulnerable to payback from disgruntled would-be players.

And then …

Less than an hour later, PhantomL0rd was erroneously denounced as abducting five people and subsequently arrested at gunpoint during a police raid on his home. See PhantomL0rd’s video about his arrest below:

From DERP’s point of view PhantomL0rd’s experience was collateral damage – DERP’s targets were game companies with millions of subscribers. The comraderie between DERP and PhantomL0rd is revealed the following tweet:

Twitter

Both PhantomL0rd and DERP benefited through increased public exposure. According to the metric monitoring site SocialBlade PhantomL0rd’s followers increased by 50,000 since this event, and is now approaching 400,000.

In contrast, DERP is treated with more caution. Though some 450,000 people have watched PhantomL0rd’s video describing the hacking by DERP and his arrest by police, only 60,000 people follow DERP on Twitter. Clearly, the online community sees an element of danger in being linked to DERP or in attracting DERP’s attention.

At the moment, groups such as DERP are simply demonstrating their power. In the process they are attracting new members with IT and hacking abilities and broadening their skills base. The question that arises is: what targets will attract the attention of these new, strengthened organisations?