At the end of a nine-day trial, a jury in California this week found guilty the administrator of two distributed denial-of-service (DDoS) operations.
32-year old Matthew Gatrel of St. Charles, Illinois, ran two websites that allowed paying users to launch more than 200,000 DDoS attacks on targets in both the private and public sector.
Booter service and bulletproof server hosting
Court documents reveal that Gatrel had been operating the DDoS services since at least October 2014. He ran two sites, DownThem and Ampnode, both enabling DDoS attacks.
Gatrel used DownThem to sell subscriptions for his DDoS services (also called “booters“ or “stressers“) and AmpNode offered “bulletproof” server hosting options to customers that needed servers pre-configured with DDoS attack scripts and lists of vulnerable systems that could amplify the assault.
When going through the records of the DownThem booter website, the investigators found it had more than 2,000 registered customers. According to the documents, users are responsible for launching over 200,000 DDoS attacks.
The targets ranged from homes and schools, to universities, municipal and local government websites, and financial institutions from all over the world.
“Often called a “booting” service, DownThem itself relied upon powerful servers associated with Gatrel’s AmpNode bulletproof hosting service. Many AmpNode customers were themselves operating for-profit DDoS services” – the U.S. Department of Justice
Customers could choose from multiple subscriptions, each coming with various attack capabilities such as duration, strength, or the possibility of concurrent attacks.
With the sight set on a target, the service would use the AmpNode attack servers to run “reflected amplification attacks” using resources from “hundreds or thousands of other servers connected to the internet.”
Gatrel was not alone in this. He received helped administering the DownThem website from 28-year old Juan Martinez of Pasadena in 2018.
Unlike Gatrel, Martinez already pleaded guilty and is awaiting his sentence scheduled for December 2. He is facing a statutory maximum sentence of 10 years in federal prison.
Gatrel is facing a maximum statutory sentence of 35 years in a federal prison for the three felonies he has been found guilty of:
- one count of conspiracy to commit unauthorized impairment of a protected computer
- one count of conspiracy to commit wire fraud
- one count of unauthorized impairment of a protected computer
His sentencing has been scheduled for January 27, 2022.