A man from the US state of Illinois has been found guilty of running websites that allowed paying users to launch distributed denial of service (DDoS) attacks.
Matthew Gatrel, aged 32, was the founder and owner of DownThem.org, which between October 2014 and November 2018 enabled users to buy DDoS attacks as subscriptions, and AmpNode.com, which allowed subscribers to operate their own DDoS services.
He also provided “expert advice” on the best ways to attack different types of computers, specific hosting providers, and recommended strategies to bypass DDoS protection services.
Alongside former customer Juan Martinez, of Pasadena, California, Gatrel profited by allowing an estimated 2,000 registered users to launch over 200,000 attacks, targeting individuals, schools, universities, municipal and local government websites, and financial institutions worldwide, according to the US Department of Justice (DoJ).
Although the DoJ didn’t provide a list of victims, French cloud computing company OVH was named in the original complaint as having been targeted by DownThem in 2017. Other potential victims included web hosting platforms NFO and Vox.
The complaint, first filed in 2018, accused Gatrel and Martinez of allowing customers to severely disrupt “home and small business Internet connections for prices of around $1.75 per day”. DownThem offered at least six subscription models, with the prices dependent on how many days the victim would be knocked offline.
RELATED RESOURCE
The DoJ announced on Thursday that Gatrel had been “found guilty of three felonies: one count of conspiracy to commit unauthorized impairment of a protected computer, one count of conspiracy to commit wire fraud, and one count of unauthorized impairment of a protected computer”.
Gatrel is expected to face a statutory maximum sentence of 35 years in federal prison. The sentencing hearing has been scheduled for 27 January 2022.
Martinez, also known under the alias “Severon”, pleaded guilty on 26 August to one count of unauthorized impairment of a protected computer. He will face up to 10 years in prison, with the sentencing set to 2 December 2020.
The UK's National Crime Agency and the Dutch national police force reportedly assisted in the arrests and gathering of evidence.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
UK crime fighters wrangle “several thousand” potential cyber criminals in DDoS-for-hire honeypotNews The sting follows a recent crackdown on DDoS-for-hire services globally
-
US begins seizure of 48 DDoS-for-hire services following global investigationNews Six people have been arrested who allegedly oversaw computer attacks launched using booters
-
Will triple extortion ransomware truly take off?In-depth Operators are now launching attacks with three extortion layers, but there are limitations to this model
-
GoDaddy web hosting reviewReviews GoDaddy web hosting is backed by competitive prices and a beginner-friendly dashboard, and while popular, beware of hidden prices
-
Japan investigates potential Russian Killnet cyber attacksNews The hacker group has said it’s revolting against the country’s militarism and that it’s “kicking the samurai”
-
LockBit hacking group to be 'more aggressive' after falling victim to large-scale DDoS attackNews The ransomware group is currently embroiled in a battle after it leaked data belonging to cyber security company Entrust
-
Record for the largest ever HTTPS DDoS attack smashed once againNews The DDoS attack lasted 69 minutes and surpassed the previous record of 26 million RPS
-
Cloudflare unveils new One Partner Program with zero trust at its coreNews Cloudflare CEO Matthew Prince says the initiative aims to take the complexity out of zero trust architecture
