Owner of DDoS for hire sites found guilty of hacking offences

Matthew Gatrel faces 35 years in prison when he is sentenced in January 2022

A man from the US state of Illinois has been found guilty of running websites that allowed paying users to launch distributed denial of service (DDoS) attacks.

Matthew Gatrel, aged 32, was the founder and owner of DownThem.org, which between October 2014 and November 2018 enabled users to buy DDoS attacks as subscriptions, and AmpNode.com, which allowed subscribers to operate their own DDoS services.

He also provided “expert advice” on the best ways to attack different types of computers, specific hosting providers, and recommended strategies to bypass DDoS protection services.

Alongside former customer Juan Martinez, of Pasadena, California, Gatrel profited by allowing an estimated 2,000 registered users to launch over 200,000 attacks, targeting individuals, schools, universities, municipal and local government websites, and financial institutions worldwide, according to the US Department of Justice (DoJ).

Although the DoJ didn’t provide a list of victims, French cloud computing company OVH was named in the original complaint as having been targeted by DownThem in 2017. Other potential victims included web hosting platforms NFO and Vox.

The complaint, first filed in 2018, accused Gatrel and Martinez of allowing customers to severely disrupt “home and small business Internet connections for prices of around $1.75 per day”. DownThem offered at least six subscription models, with the prices dependent on how many days the victim would be knocked offline.

Related Resource

Ransomware made MSPeasy

The MSP's guide to saving the day

The MSP's guide to ransomware - whitepaper from DattoFree download

The DoJ announced on Thursday that Gatrel had been “found guilty of three felonies: one count of conspiracy to commit unauthorized impairment of a protected computer, one count of conspiracy to commit wire fraud, and one count of unauthorized impairment of a protected computer”.

Gatrel is expected to face a statutory maximum sentence of 35 years in federal prison. The sentencing hearing has been scheduled for 27 January 2022.

Martinez, also known under the alias “Severon”, pleaded guilty on 26 August to one count of unauthorized impairment of a protected computer. He will face up to 10 years in prison, with the sentencing set to 2 December 2020.

The UK's National Crime Agency and the Dutch national police force reportedly assisted in the arrests and gathering of evidence.

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

BillQuick billing software exploit lets hackers deploy ransomware
Security

BillQuick billing software exploit lets hackers deploy ransomware

26 Oct 2021
Ransomware hit industrial sector the hardest in the third quarter
ransomware

Ransomware hit industrial sector the hardest in the third quarter

25 Oct 2021
Tesco services knocked offline after suspected cyber attack
hacking

Tesco services knocked offline after suspected cyber attack

25 Oct 2021
Microsoft touts new cyber security help for nonprofits
cyber security

Microsoft touts new cyber security help for nonprofits

22 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Cryptocurrency: Should you invest?
cryptocurrencies

Cryptocurrency: Should you invest?

27 Oct 2021