DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Illinois Man Sentenced to 2 Years in Federal Prison for Operating DDoS-for-Hire Services

Posted on June 14, 2022 by Dissent

There’s an update to the case of Matthew Gatrel, whose conviction was previously reported on this site in September 2021:

LOS ANGELES – An Illinois man was sentenced today to 24 months in federal prison for running websites that allowed paying users to launch powerful distributed denial of service, or DDoS, attacks that flood targeted computers with information and prevent them from being able to access the internet.

Matthew Gatrel, 33, of St. Charles, Illinois, was sentenced by United States District Judge John A. Kronstadt.

At the conclusion of a nine-day trial in September 2021, a federal jury found Gatrel guilty of one count of conspiracy to commit unauthorized impairment of a protected computer, one count of conspiracy to commit wire fraud, and one count of unauthorized impairment of a protected computer.

“Gatrel ran a criminal enterprise designed around launching hundreds of thousands of cyber-attacks on behalf of hundreds of customers,” prosecutors wrote in a sentencing memorandum. “He also provided infrastructure and resources for other cybercriminals to run their own businesses launching these same kinds of attacks. These attacks victimized wide swaths of American society and compromised computers around the world.”

Gatrel owned and operated two DDoS facilitation websites: DownThem.org and AmpNode.com. DownThem sold subscriptions allowing customers to launch DDoS attacks while AmpNode provided “bulletproof” server hosting to customers with an emphasis on “spoofing” servers that could be pre-configured with DDoS attack scripts and lists of vulnerable “attack amplifiers” used to launch simultaneous cyberattacks on victims.

Records from the DownThem service revealed more than 2,000 registered users and more than 200,000 launched attacks, including attacks on homes, schools, universities, municipal and local government websites, and financial institutions worldwide. Many AmpNode customers were themselves operating for-profit DDoS services.

Gatrel offered expert advice to customers of both services, providing guidance on the best attack methods to “down” different types of computers, specific hosting providers, or to bypass DDoS protection services. Gatrel himself often used the DownThem service to demonstrate to prospective customers the power and effectiveness of products, by attacking the customer’s intended victim and providing proof, via screenshot, that he had severed the victim’s internet connection.

Gatrel’s DownThem customers could select from a variety of different paid “subscription plans.” The subscription plans varied in cost and offered escalating attack capability, allowing customers to select different attack durations and relative attack power, as well as the ability to launch several simultaneous, or “concurrent” attacks. Once a customer entered the information necessary to launch an attack on their victim, Gatrel’s system was set up to use one or more of his own dedicated attack servers to unlawfully appropriate the resources of hundreds or thousands of other servers connected to the internet in what are called “reflected amplification attacks.”

Co-defendant Juan Martinez, 29, of Pasadena, pleaded guilty in August 2021 to one count of unauthorized impairment of a protected computer and was sentenced to five years’ probation. Martinez was one of Gatrel’s customers and became a co-administrator of the site in 2018.

The FBI’s Anchorage Field Office and its Los Angeles-based Cyber Initiative and Resource Fusion Unit investigated this matter. Akamai Technologies, Inc.; Cloudflare, Inc.; DigitalOcean, Inc.; Google, LLC; Palo Alto Networks – Unit 42; University of Cambridge Cyber Crime Centre; and Unit 221B, LLC assisted this investigation.

Assistant United States Attorney Cameron L. Schroeder, Chief of the Cyber and Intellectual Property Crime Section, and Assistant United States Attorney Adam Alexander of the District of Alaska are prosecuting this case.

Source: U.S. Attorney’s Office, Central District of California

Related posts:

  • Federal Prosecutors in Alaska and Los Angeles Charge 6 Defendants with Operating Websites that Offered Computer Attack Services
Category: Other

Post navigation

← Cybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns
TX: Guadalupe County investigating potential network breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
  • Senator Chides FBI for Weak Advice on Mobile Security
  • Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
  • Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers
  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people
  • Terrible tales of opsec oversights: How cybercrooks get themselves caught

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Kids are making deepfakes of each other, and laws aren’t keeping up
  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.