DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Illinois Man Convicted of Federal Criminal Charges for Operating Subscription-Based Computer Attack Platforms

Posted on September 16, 2021 by Dissent

LOS ANGELES – An Illinois man was found guilty today by a federal jury for running websites that allowed paying users to launch powerful distributed denial of service, or DDoS, attacks that flood targeted computers with information and prevent them from being able to access the internet.

Matthew Gatrel, 32, of St. Charles, Illinois, was found guilty of three felonies: one count of conspiracy to commit unauthorized impairment of a protected computer, one count of conspiracy to commit wire fraud, and one count of unauthorized impairment of a protected computer.

According to evidence presented at his nine-day trial, Gatrel owned and operated two DDoS facilitation websites: DownThem.org and AmpNode.com. DownThem sold subscriptions allowing customers to launch DDoS attacks while AmpNode provided “bulletproof” server hosting to customers with an emphasis on “spoofing” servers that could be pre-configured with DDoS attack scripts and lists of vulnerable “attack amplifiers” used to launch simultaneous cyberattacks on victims.

Records from the DownThem service revealed more than 2,000 registered users and more than 200,000 launched attacks, including attacks on homes, schools, universities, municipal and local government websites, and financial institutions worldwide. Often called a “booting” service, DownThem itself relied upon powerful servers associated with Gatrel’s AmpNode bulletproof hosting service. Many AmpNode customers were themselves operating for-profit DDoS services.

Gatrel offered expert advice to customers of both services, providing guidance on the best attack methods to “down” different types of computers, specific hosting providers, or to bypass DDoS protection services. Gatrel himself often used the DownThem service to demonstrate to prospective customers the power and effectiveness of products, by attacking the customers intended victim and providing proof, via screenshot, that he had severed the victim’s internet connection.

Gatrel’s DownThem customers could select from a variety of different paid “subscription plans.” The subscription plans varied in cost and offered escalating attack capability, allowing customers to select different attack durations and relative attack power, as well as the ability to launch several simultaneous, or “concurrent” attacks. Once a customer entered the information necessary to launch an attack on their victim, Gatrel’s system was set up to use one or more of his own dedicated AmpNode attack servers to unlawfully appropriate the resources of hundreds or thousands of other servers connected to the internet in what are called “reflected amplification attacks.”

United States District Judge John A. Kronstadt has scheduled a January 27, 2022 sentencing hearing, at which time Gatrel will face a statutory maximum sentence of 35 years in federal prison.

Co-defendant Juan Martinez, 28, of Pasadena, pleaded guilty on August 26 to one count of unauthorized impairment of a protected computer. Martinez was one of Gatrel’s customers and became a co-administrator of the site in 2018. Martinez will face a statutory maximum sentence of 10 years in federal prison at his sentencing hearing, which is scheduled for December 2.

The FBI’s Anchorage Field Office and its Los Angeles-based Cyber Initiative and Resource Fusion Unit investigated this matter. Akamai Technologies, Inc.; Cloudflare, Inc.; DigitalOcean, Inc.; Google, LLC; Palo Alto Networks – Unit 42; University of Cambridge Cyber Crime Centre; and Unit 221B, LLC provided assistance to this investigation.

Assistant United States Attorney Cameron L. Schroeder, Chief of the Cyber and Intellectual Property Crime Section, and Assistant United States Attorney Adam Alexander of the District of Alaska are prosecuting this case.

Source: U.S. Attorney’s Office, Central District of California

Category: Commentaries and Analyses

Post navigation

← Hackers stole Covid test data of 1.4 million people from Paris hospital system
Cyberattack on Alaska DHSS website includes HIPAA and APIPA breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)
  • Private Industry Notification: Silent Ransom Group Targeting Law Firms
  • Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated
  • PA: York County alerts residents of potential data breach
  • FTC Finalizes Order with GoDaddy over Data Security Failures
  • Hacker steals $223 million in Cetus Protocol cryptocurrency heist
  • Operation ENDGAME strikes again: the ransomware kill chain broken at its source
  • Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
  • Mysterious hacking group Careto was run by the Spanish government, sources say
  • 16 Defendants Federally Charged in Connection with DanaBot Malware Scheme That Infected Computers Worldwide

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law
  • Telegram Gave Authorities Data on More than 20,000 Users
  • Police secretly monitored New Orleans with facial recognition cameras

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.