Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Man Admits to DDoS-ing Employers, Competitors

A New Mexico man admitted in court this week to launching distributed denial of service (DDoS) attacks against the websites of former employers, business competitors, and public services.

A New Mexico man admitted in court this week to launching distributed denial of service (DDoS) attacks against the websites of former employers, business competitors, and public services.

The culprit, John Kelsey Gammell, 55, pleaded guilty to one count of conspiracy to commit intentional damage to a protected computer, admitting to launching DDoS attacks on websites in the United States, from at least in or about July 2015 through in or about March 2017. He also pleaded guilty to two counts of being a felon-in-possession of a firearm.

The DDoS attacks were aimed at numerous websites, including domains operated by companies Gammell used to work for or of those that declined to hire him. He also targeted competitors of his business and websites for law enforcement agencies and courts, among others.

Gammell admitted to using programs on his own computers and to purchasing the services of “DDoS-for-hire” companies to launch the DDoS attacks. He purchased the services of companies such as VDoS, CStress, Inboot, Booter.xyz and IPStresser, the Department of Justice reveals.

Some of the victims he targeted include Washburn Computer Group, the Minnesota State Courts, Dakota County Technical College, Minneapolis Community and Technical College, the Hennepin County Sheriff’s Office, among others.

To avoid detection, he used IP address anonymization services, paid for the DDoS-for-hire services using cryptocurrency, used spoofed emails to conceal his conduct, and employed encryption and drive-cleaning tools to conceal digital evidence. To circumvent his victims’ DDoS attack mitigation efforts, Gammell amplified his attacks by using multiple DDoS-for-hire services at once.

Gammell is a convicted felon prohibited from possessing firearms or ammunition. He also admitted to possessing multiple firearms, ammunition, and parts for use in the building of firearms and ammunition. His sentence is scheduled for a later date.

Related: Briton Pleads Guilty to Running Malware Services

Advertisement. Scroll to continue reading.

Related: NSA Contractor Pleads Guilty in Embarrassing Leak Case

Related: Three Plead Guilty in Mirai Botnet Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.