The Hackers Who Tracked My Sleep Cycle

Hackers watched his Discord green dot and struck during naps — commenters call it “petty genius”

TLDR: Hackers timed attacks with his Discord “offline” status, using starter credits and overdraft to slip in one pricey AI request. The crowd splits: some applaud the honey‑trap pen test, others slam Stripe’s card‑testing crackdowns and say big card networks should own the fraud problem.

An indie dev says hackers timed nightly raids to his sleep schedule, watching his Discord “online” dot. They farmed free credits, added sketchy cards, and sent one pricey large‑language‑model (LLM) request, then vanished. The community? Split and loud. One camp cheers the cat‑and‑mouse, calling it “chaotic good” pen‑testing after he flipped his status to “offline” to bait them. Another camp side‑eyes the stunt after he admitted he “intentionally disabled several checks (like hCaptcha)” to see what would happen — gasps and “do not try this at home.”

Drama really escalates over payments. Commenters rage at Stripe flagging “card testing,” while others insist that’s exactly how fraud gets contained. The hottest take: card brands should eat the blame, not small apps. Meanwhile, memes fly: “Green Dot Gang,” “Sleep-as-a-Service,” and “discord-as-intrusion-detection.” Non‑tech readers, here’s the gist: he gave new accounts a tiny credit; adding a card unlocked overdraft, letting one expensive request go through before the card failed. He then flipped his status to toy with attackers, patching until only pennies leaked. Fans call it ingenious; critics call it reckless. Either way, the comments are the show, with folks debating ethics, ops, and whether your status light should be a security tripwire.

Key Points

  • Attackers created thousands of accounts nightly, added payment methods, and executed a single expensive LLM call to exploit signup credits and overdraft.
  • The first costly request was processed before the payment method was rejected, allowing about $1,000 in credits to be used nightly.
  • Attacks were timed to the author’s sleep and correlated with their Discord online status; setting status offline triggered attacks.
  • The author iteratively deployed defenses (e.g., CAPTCHA, checks around expensive calls) while observing attacker workarounds.
  • The incident revealed a card-testing risk that could flag a Stripe account; after mitigations, attackers could only extract minimal signup credits.
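
The credit-plus-overdraft gap described in the key points, as an added example that is not the author's code: a gate that unlocks overdraft as soon as a card is attached, beside one possible check that requires a settled charge first. All names, amounts and the `card_charged_ok` flag are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Account:
    credit_cents: int = 50          # constructed starter credit
    overdraft_cents: int = 2000     # constructed overdraft limit
    card_attached: bool = False     # a payment method was added (unverified)
    card_charged_ok: bool = False   # True only after a charge actually settled

def allow_naive(acct: Account, cost_cents: int) -> bool:
    """Flawed gate: attaching any card, valid or not, unlocks overdraft."""
    overdraft = acct.overdraft_cents if acct.card_attached else 0
    return cost_cents <= acct.credit_cents + overdraft

def allow_hardened(acct: Account, cost_cents: int) -> bool:
    """Overdraft is granted only to cards that have already settled a charge."""
    overdraft = acct.overdraft_cents if acct.card_charged_ok else 0
    return cost_cents <= acct.credit_cents + overdraft

def unpaid_exposure(gate, acct: Account, cost_cents: int) -> int:
    """Cents of usage that can never be billed for one account."""
    if acct.card_charged_ok:
        return 0                    # usage is billable to a card known to work
    # If the expensive call is refused, only the starter credit can still leak.
    return cost_cents if gate(acct, cost_cents) else acct.credit_cents

def nightly_exposure(gate, accounts, cost_cents: int) -> int:
    """Total unbillable cents across a batch of accounts."""
    return sum(unpaid_exposure(gate, a, cost_cents) for a in accounts)

if __name__ == "__main__":
    # Constructed batch: throwaway accounts whose cards will be rejected later.
    batch = [Account(card_attached=True) for _ in range(1000)]
    cost = 1500                     # constructed cost of one expensive request
    print("naive gate   :", nightly_exposure(allow_naive, batch, cost), "cents")
    print("hardened gate:", nightly_exposure(allow_hardened, batch, cost), "cents")
```

With the hardened gate the only remaining loss is the starter credit itself, which matches the outcome the summary reports after mitigations.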

Hottest takes

“we intentionally disabled several checks (like hCaptcha) to let them get to the stage of setting up the payment intents.” — statements
“It’s insane to me that Stripe cancels accounts when they get used for card testing.” — cassonmars