Evan J. LancasterA cyber attack targeting university-affiliated Discord servers sent thousands of obscene videos and transphobic rhetoric during a days-long attack that impacted college campuses in Washington State, Los Angeles, and Irvine.
At UC Irvine, on the evening of Tuesday, Jan. 9, approximately 500 university-affiliated Discord servers became the target of an organized attack, which flooded Discord servers with thousands of videos depicting death, violence and necrophilia.
In detailing the context of the attack, community Discord moderators at UC Irvine said the videos included the torture of animals and humans, and other “clearly illegal” acts.
UC Irvine does not own or regulate its Discord servers, which are guarded by independent moderators.
After the attacks occurred at UC Irvine, the university directed questions about the attack to Alina Kim, an independent moderator within UC Irvine’s Discord community.
Kim was one of the first responders during the Jan. 9 attack. Kim estimates that UC Irvine has approximately 500 affiliated Discord servers, which represent approximately 7,500 users. Kim said the independent moderators at UC Irvine defend the school’s virtual Discord community with scarce outside resources.
Kim said the attack was executed by an alt-right hate group but did not name a specific organization.
“They began systematically going through every Discord server that was actually affiliated with UCI and just flooding them with graphic, gory videos. These videos played automatically. There wasn’t really much you can do to avoid seeing them if you were online at the time,” Kim explained. “We think at least 3,000 people would have been exposed to the videos. This estimate is based on the number of people who were online.”
Kim reported the attack to the UC Irvine Police Department, but the department declined to investigate, directing the moderators to contact Discord.
“The police told us that they weren’t interested in the case and that we should just contact Discord,” she said. “I think they weren’t sure that any crime has been committed.”
In an email response, obtained by Irvine Weekly, the UC Irvine Police Department sent the following statement to the independent Discord moderators at UC Irvine.
“We are taking information reports and have determined no crimes have been committed, we are referring them to contact Discord and providing them with campus resource information.”
After contacting Discord directly, Kim explained that the platform removed the server in which the attackers were operating.
Kim explained that Discord — a voice, video and text communication platform — introduced a feature that allows users to create accounts by registering via a student’s university email address. Users can also join with a phone number.
Users can then create Discord channels for classes, events or any other topic.
Kim said the attackers did not hack into Discord but rather deployed a bot to obtain fraudulent phone numbers to create alias accounts. The attackers were able to use the alias accounts to join the UC Irvine servers.
To stop the attack, Kim and her team of independent Discord moderators developed a new defense system that will prevent these online attacks in the future.
By hacking into the attacker’s server on Discord, the moderators were able to obtain more than 400 user IDs affiliated with the attack. The moderators then worked to develop a new bot that automatically banned the IDs affiliated with that server.
“Some of our students infiltrated their servers, just so we could get forewarnings of attacks, and we discovered that they were affiliated with groups that were selling child porn,” Kim said. “And so this case has been upgraded to the FBI.”
While the Federal Bureau of Investigation declined to detail the scope of the ongoing investigation involving the Discord attacks at UC Irvine, an FBI spokesperson did confirm that the agency was offered assistance to the UC Irvine Police Department regarding the issue.
In acknowledgment of the attack, UC Irvine released a statement reiterating UC Irvine’s goal to protect all members of the community, both on campus and online. The statement also pointed to resources for the university’s best “cyber hygiene” practices.
“UC Irvine does not manage the Discord servers, the account activity, nor the security settings around them — they are independently managed. However, we take seriously our commitment to protecting members of our community. The university offers information security training and resources, and encourages members of the community to engage in cyber hygiene best practices including use of strong passwords and awareness of phishing attacks meant to harvest confidential credentials.”
Advertising disclosure: We may receive compensation for some of the links in our stories. Thank you for supporting Irvine Weekly and our advertisers.