An Illinois man was sentenced Monday in Los Angeles to 24 months in federal prison for running websites that allowed paying users to launch powerful distributed denial of service — or DDoS — attacks that flood targeted computers with information and prevent them from being able to access the internet.
Earlier a Pasadena man who was allegedly co-adminstrator of the site pleaded guilty.
Matthew Gatrel, 33, of St. Charles, Illinois, was found guilty last year of one federal count each of conspiracy to commit unauthorized impairment of a protected computer, conspiracy to commit wire fraud, and unauthorized impairment of a protected computer, according to the U.S. Attorney’s Office.
Juan Martinez, 29, of Pasadena, pleaded guilty in August 2021 to one count of unauthorized impairment of a protected computer and was sentenced to five years’ probation. Martinez was one of Gatrel’s customers and became a co-administrator of the site in 2018, according to papers filed in L.A. federal court.
“Gatrel ran a criminal enterprise designed around launching hundreds of thousands of cyber-attacks on behalf of hundreds of customers,” prosecutors wrote in a sentencing memorandum. “He also provided infrastructure and resources for other cybercriminals to run their own businesses launching these same kinds of attacks. These attacks victimized wide swaths of American society and compromised computers around the world.”
Gatrel owned and operated two DDoS facilitation websites: DownThem.org and AmpNode.com. DownThem sold subscriptions allowing customers to launch DDoS attacks while AmpNode provided “bulletproof” server hosting to customers with an emphasis on “spoofing” servers that could be pre-configured with DDoS attack scripts and lists of vulnerable “attack amplifiers” used to launch simultaneous cyberattacks on victims.
Records from the DownThem service revealed more than 2,000 registered users and more than 200,000 launched attacks, including attacks on homes, schools, universities, municipal and local government websites, and financial institutions worldwide. Many AmpNode customers were themselves operating for- profit DDoS services, prosecutors said.