Connect with us

Hi, what are you looking for?



Operator of ‘DownThem’ DDoS Service Sentenced to 24 Months in Prison

The operator of an infamous service that allowed users to launch distributed denial-of-service (DDoS) attacks was sentenced on Monday to 24 months in prison.

The operator of an infamous service that allowed users to launch distributed denial-of-service (DDoS) attacks was sentenced on Monday to 24 months in prison.

The man, Matthew Gatrel, 33, of St. Charles, Illinois, was convicted in September 2021 on three counts of computer-related and wire fraud felonies.

According to court documents, Gatrel owned and operated – a website that allowed users to purchase subscriptions to launch powerful DDoS attacks – and, which provided bulletproof hosting services to paying customers, and which also facilitated server spoofing and DDoS attack amplification.

Records obtained when DownThem was taken down in 2018 showed that the DDoS attack (or booting) service had roughly 2,000 users and had been used to launch over 200,000 attacks on targets such as government websites, financial institutions, schools, universities, and homes.

Gatrel offered customer support for both DownThem and AmpNode, providing users with guidance on how to launch DDoS attacks on different types of systems and on how to bypass DDoS protection services. He also used the service to demonstrate its DDoS capabilities.

DownThem provided customers with multiple subscription plans, differentiated in price and attack capability, some allowing users to launch several simultaneous attacks.

Juan Martinez, 29, of Pasadena, a co-administrator of DownThem and co-defendant in the case, who pleaded guilty in August 2021, was sentenced to five years’ probation.

Advertisement. Scroll to continue reading.

Related: Authorities Track Down Users of DDoS Services

Related: Seventh Member of International Cyber Fraud Ring Sentenced to Prison

Related: Estonian Ransomware Operator Sentenced to Prison in US

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...