Matthew Gatrel, a resident of St. Charles, Illinois, has been sentenced to two years in prison for violating the Computer Fraud and Abuse Act (CFAA). The 33-year-old was convicted of running a “DDoS for hire” business, a malicious operation wherein customers could order powerful distributed denial-of-service (DDoS) attacks on any website for a fee.
Such large-scale DDoS attacks are capable of crippling a website for a prolonged period, costing webmasters and businesses lots of money in lost revenue over time.
Gatrel carried out his DDoS for hire operations using multiple services, the first of which was downthem[.]org, along with ampnode[.]com.
On Downthem, he sold subscriptions to customers who wished to launch DDoS attacks on a regular basis, while on Ampnode he claimed to provide “bulletproof” server hosting with a special configuration to mask DDoS attacks, along with lists of vulnerable attack amplifiers capable of launching multiple attacks on unsuspecting victims.
Both services were said to receive thousands of customers, who collectively launched more than 200,000 DDoS attacks.
After admitting to officials that he did in fact run these services, and turning in an array of incriminating evidence along the way, Gatrel chose to take the case to trial anyway. His co-defendant, a man named Juan “Severon” Martinez from Pasadena, California, did not. He pleaded guilty to the offense just before Gatrel’s trial began.
The trial lasted nine days in the Central District of California and ended with Matthew Gatrel being sentenced to two years in prison, having been convicted on all three counts: conspiracy to commit wire fraud, conspiracy to commit unauthorized impairment of a protected computer, and another charge of conspiracy to commit authorized impairment of a protected computer.
The most popular, and arguably the most devastating, method of attack that these booters or “stressers” utilize is called a “reflective amplification attack”, in which a variety of unmanaged or mismanaged Domain Name Servers are leveraged to send large volumes of traffic at a website, with the objective of making it crash under the surge from these mismanaged sources.
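From the receiving end, reflected DNS traffic shows up as DNS answers the host never asked for, arriving from many resolvers at once. The following detection sketch is an added example, not material from the case or from the original article; the flow records are constructed, and the 5-second matching window and 3-reflector threshold are assumptions to tune per network.

```python
from collections import defaultdict

# Constructed flow records using documentation-range addresses, not real traffic:
# (timestamp, src_ip, src_port, dst_ip, dst_port, proto, bytes)
FLOWS = [
    (0.0, "198.51.100.10", 40001, "192.0.2.53", 53, "udp", 72),    # normal query
    (0.1, "192.0.2.53", 53, "198.51.100.10", 40001, "udp", 180),   # matching answer
    (1.0, "203.0.113.5", 53, "198.51.100.20", 80, "udp", 3100),    # never requested
    (1.0, "203.0.113.6", 53, "198.51.100.20", 80, "udp", 2900),
    (1.1, "203.0.113.7", 53, "198.51.100.20", 80, "udp", 3050),
    (1.2, "203.0.113.8", 53, "198.51.100.20", 80, "udp", 3000),
    (10.0, "198.51.100.10", 40002, "192.0.2.53", 53, "udp", 70),   # query...
    (20.0, "192.0.2.53", 53, "198.51.100.10", 40002, "udp", 200),  # ...answered too late
]


def find_reflected_dns(flows, window=5.0, min_reflectors=3):
    """Return {victim_ip: (distinct_reflectors, total_bytes)} for hosts that
    receive UDP/53 responses with no matching query in the last `window` seconds."""
    pending = {}  # (client_ip, client_port, resolver_ip) -> time the query was seen
    unsolicited = defaultdict(lambda: {"reflectors": set(), "bytes": 0})

    for ts, src, sport, dst, dport, proto, size in sorted(flows):
        if proto != "udp":
            continue
        if dport == 53:
            # Outbound query: remember it so the answer can be matched later.
            pending[(src, sport, dst)] = ts
        elif sport == 53:
            asked = pending.pop((dst, dport, src), None)
            if asked is not None and ts - asked <= window:
                continue  # solicited answer, normal resolution
            # An answer nobody asked for: the signature of reflection.
            unsolicited[dst]["reflectors"].add(src)
            unsolicited[dst]["bytes"] += size

    # A single stray answer is noise; many resolvers at once is the pattern.
    return {
        victim: (len(stats["reflectors"]), stats["bytes"])
        for victim, stats in unsolicited.items()
        if len(stats["reflectors"]) >= min_reflectors
    }


if __name__ == "__main__":
    for victim, (count, total) in find_reflected_dns(FLOWS).items():
        print(f"{victim}: {count} reflectors, {total} unsolicited bytes")
```
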
Both the United States and the United Kingdom have been cracking down on DDoS attacks for a while now, with the United Kingdom running constant ads to educate citizens on the illegal nature of such booter services.
The Gatrel and Martinez cases were the latest episodes in a crackdown effort by the FBI and other law enforcement agencies that began as early as 2018. More than 15 different booter service domains were seized in the early stages, and many continue to go down, with varying sentences for those found guilty.