The US authorities have sentenced a man to 24 months in a federal prison after he was found to have run a DDoS-for-hire service that knocked websites off the internet.
33-year-old Matthew Gatrel, of St Charles, Illinois, ran a criminal operation that launched Distributed Denial-of-Service (DDoS) attacks on behalf of hundreds of paying customers via his “booter” site DownThem.org.
Gatrel’s DownThem service, according to a US Department of Justice press release, launched more than 200,000 attacks for over 2000 registered users of DownThem between October 2014 and November 2018.
Exploiting misconfigured routers and other devices attached to the internet, DownThem customers could launch DNS reflection attacks that flooded their intended targets with unwanted internet traffic.
DownThem offered a variety of different subscription plans to customers, depending on how much they were willing to pay and the ferocity of the DDoS attack they wished to unleash. Victims included schools, universities, government websites, and financial institutions worldwide.
Meanwhile, Ampnode, another website operated by Gatrel, promised “bulletproof” server hosting and, to this day, appears to offer “dedicated spoofing servers”.
According to the Department of Justice, Ampnode’s servers could be “pre-configured with DDoS attack scripts and lists of vulnerable ‘attack amplifiers’ used to launch simultaneous cyberattacks on victims.”
Ampnode’s website may still be online, but visitors to DownThem are now greeted by a seizure message from the US authorities.
One of Gatrel’s co-conspirators, 29-year-old Juan “Severon” Martinez of Pasadena, California, who turned from being a customer of DownThem to being the co-administrator of the Downthem website in 2018, pleaded guilty to one count of unauthorised impairment of a protected computer in August 2021, and was sentenced to five years’ probation.
Any business which relies upon its website to make money, and provides services to its customers, needs to consider very seriously how it will protect itself against the threat of a DDoS attack.
DDoS attacks have been launched against websites for many years, often for the purposes of extortion, and the problem has not gone away. The availability of DDoS-for-hire “booter” services has given even the least tech-savvy criminals the ability to disrupt websites, or even make them entirely inaccessible to the outside world.