Cyber Incident Victim: Club Penguin
Date:
Jan 2014
Location:
United States of America
Summary
Multiple gaming platforms experienced temporary server disruptions due to distributed denial-of-service attacks claimed by the hacker group DERP Trolling, which utilized a tool referred to as the "Gaben Laser Beam." The incidents were linked to harassment against a YouTube streamer, escalating from targeting games he played to a swatting incident that resulted in police intervention at his residence. While DERP denied direct involvement in the personal attacks, they publicly offered a phone number for requesting targets, suggesting their actions may have been influenced by external parties. The attacks represented an early high-profile case of gaming services being compromised as collateral in an online vendetta.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In early January 2014, multiple online gaming platforms experienced service disruptions due to apparent distributed denial-of-service (DDoS) attacks. Between January 1 and January 3, services including Steam, Origin, Battle.net, League of Legends, World of Tanks, and EA.com suffered temporary server outages. The hacker group DERP Trolling publicly claimed responsibility for several attacks through Twitter, specifically acknowledging their targeting of Origin with a tool they dubbed the "Gaben Laser Beam," a reference to Valve founder Gabe Newell. DERP had previously targeted Battle.net, League of Legends, and other platforms earlier in the same week. Simultaneously, separate Twitter users unrelated to DERP claimed responsibility for the Steam attack that occurred overnight on January 2-3. All affected services resumed normal operations by the morning of January 3, with no reports of prolonged technical damage or data breaches. DERP promoted a phone number allowing public requests for future targets, indicating their attacks operated on an on-demand basis rather than following a predetermined agenda.
The attacks were linked to escalating harassment against James Varga, a YouTube streamer known as PhantomL0rd, who monetized gameplay through advertising. Initial attacks focused on disrupting games PhantomL0rd actively streamed, but tactics intensified after his personal information, including his home address, was leaked online. This culminated in a swatting incident where false reports led armed police to detain PhantomL0rd at his residence during a live stream. While DERP acknowledged targeting gaming platforms, they denied involvement in the swatting or direct harassment of PhantomL0rd. Online discussions documented the progression from game-specific disruptions to personal retaliation, marking one of the first instances where major gaming infrastructures became collateral damage in a vendetta against an individual content creator. The incident highlighted how conflicts originating in online communities could rapidly escalate to impact commercial services and involve real-world law enforcement interventions.