The operator of an infamous service that allowed users to launch distributed denial-of-service (DDoS) attacks was sentenced on Monday to 24 months in prison.
The man, Matthew Gatrel, 33, of St. Charles, Illinois, was convicted in September 2021 on three counts of computer-related and wire fraud felonies.
According to court documents, Gatrel owned and operated DownThem.org – a website that allowed users to purchase subscriptions to launch powerful DDoS attacks – and AmpNode.com, which provided bulletproof hosting services to paying customers, and which also facilitated server spoofing and DDoS attack amplification.
Records obtained when DownThem was taken down in 2018 showed that the DDoS attack (or booting) service had roughly 2,000 users and had been used to launch over 200,000 attacks on targets such as government websites, financial institutions, schools, universities, and homes.
Gatrel offered customer support for both DownThem and AmpNode, providing users with guidance on how to launch DDoS attacks on different types of systems and on how to bypass DDoS protection services. He also used the service to demonstrate its DDoS capabilities.
DownThem provided customers with multiple subscription plans, differentiated in price and attack capability, some allowing users to launch several simultaneous attacks.
Juan Martinez, 29, of Pasadena, a co-administrator of DownThem and co-defendant in the case, who pleaded guilty in August 2021, was sentenced to five years’ probation.
Related: Authorities Track Down Users of DDoS Services
Related: Seventh Member of International Cyber Fraud Ring Sentenced to Prison
Related: Estonian Ransomware Operator Sentenced to Prison in US

More from Ionut Arghire
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Atlassian Warns of Critical Jira Service Management Vulnerability
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- Google Shells Out $600,000 for OSS-Fuzz Project Integrations
- F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution
- Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots
- HeadCrab Botnet Ensnares 1,200 Redis Servers for Cryptomining
- Malicious NPM, PyPI Packages Stealing User Information
Latest News
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- China Says It’s Looking Into Report of Spy Balloon Over US
- GoAnywhere MFT Users Warned of Zero-Day Exploit
