A man from the US state of Illinois has been found guilty of running websites that allowed paying users to launch distributed denial of service (DDoS) attacks.
Matthew Gatrel, aged 32, was the founder and owner of DownThem.org, which between October 2014 and November 2018 enabled users to buy DDoS attacks as subscriptions, and AmpNode.com, which allowed subscribers to operate their own DDoS services.
He also provided “expert advice” on the best ways to attack different types of computers, specific hosting providers, and recommended strategies to bypass DDoS protection services.
Alongside former customer Juan Martinez, of Pasadena, California, Gatrel profited by allowing an estimated 2,000 registered users to launch over 200,000 attacks, targeting individuals, schools, universities, municipal and local government websites, and financial institutions worldwide, according to the US Department of Justice (DoJ).
Although the DoJ didn’t provide a list of victims, French cloud computing company OVH was named in the original complaint as having been targeted by DownThem in 2017. Other potential victims included web hosting platforms NFO and Vox.
The complaint, first filed in 2018, accused Gatrel and Martinez of allowing customers to severely disrupt “home and small business Internet connections for prices of around $1.75 per day”. DownThem offered at least six subscription models, with the prices dependent on how many days the victim would be knocked offline.
RELATED RESOURCE
The DoJ announced on Thursday that Gatrel had been “found guilty of three felonies: one count of conspiracy to commit unauthorized impairment of a protected computer, one count of conspiracy to commit wire fraud, and one count of unauthorized impairment of a protected computer”.
Gatrel is expected to face a statutory maximum sentence of 35 years in federal prison. The sentencing hearing has been scheduled for 27 January 2022.
Martinez, also known under the alias “Severon”, pleaded guilty on 26 August to one count of unauthorized impairment of a protected computer. He will face up to 10 years in prison, with the sentencing set to 2 December 2020.
The UK's National Crime Agency and the Dutch national police force reportedly assisted in the arrests and gathering of evidence.
-
The IT industry’s shift to circular, low-carbon solutionsMaximize your hardware investment and reach your sustainability goals with HP’s Renew Solutions
-
Lenovo ThinkPad X9 14 Aura Edition reviewReviews This thin and light ultraportable will draw you in with its vibrant screen – but it isn't as powerful as some of its competitors
-
UK crime fighters wrangle “several thousand” potential cyber criminals in DDoS-for-hire honeypotNews The sting follows a recent crackdown on DDoS-for-hire services globally
-
US begins seizure of 48 DDoS-for-hire services following global investigationNews Six people have been arrested who allegedly oversaw computer attacks launched using booters
-
Will triple extortion ransomware truly take off?In-depth Operators are now launching attacks with three extortion layers, but there are limitations to this model
-
GoDaddy web hosting reviewReviews GoDaddy web hosting is backed by competitive prices and a beginner-friendly dashboard, and while popular, beware of hidden prices
-
Japan investigates potential Russian Killnet cyber attacksNews The hacker group has said it’s revolting against the country’s militarism and that it’s “kicking the samurai”
-
LockBit hacking group to be 'more aggressive' after falling victim to large-scale DDoS attackNews The ransomware group is currently embroiled in a battle after it leaked data belonging to cyber security company Entrust
-
Record for the largest ever HTTPS DDoS attack smashed once againNews The DDoS attack lasted 69 minutes and surpassed the previous record of 26 million RPS
-
Cloudflare mitigates biggest ever HTTPS DDoS attackNews A botnet generated over 212 million HTTPS requests from over 1,500 networks in 121 countries
