His Company Let Paying Customers Launch DDoS Attacks, Feds Say
An Illinois man ran a successful computer takedown service until the feds stepped in.
Matthew Gatrell, a 32-year-old man from St. Charles, was found guilty by a federal jury of running websites that “allowed paying users to launch distributed denial-of-service, or DDoS, attacks,” according to the Department of Justice's US Attorney’s Office for the Central District of California.
A distributed denial of service attack can bring a computer network to its knees, flooding it with malicious traffic and – in the worst cases – shutting it down.
Amazon Web Services (AWS) was hit by a massive DDoS attack last year, and sites like GitHub have also fallen victim to a massive attack.
“In a worst-case scenario, the victim organization’s ability to operate is severely crippled,” Oliver Tavakoli, CTO of Vectra, a San Jose, California-based AI cybersecurity company, told Granthshala Business.
“It is easy to imagine when a victim organization interacts with its customers through websites that are no longer accessible as a result of a DDoS attack,” Tavakoli said.
DownThem sold subscriptions allowing customers to launch DDoS attacks, while AmpNode provided server hosting for spoofing servers pre-configured with scripts to launch DDoS attacks.
The DOJ said Gatrell offered guidance to customers of both services on the best attack methods to bypass computers, hosting providers, or DDoS protection services.
The DOJ said, “Gatrell often used the DownThem service to demonstrate the power and effectiveness of products to potential customers, by attacking customers and providing evidence via screenshots that they had broken the victim’s Internet connection.”
DownThem customers could choose from a variety of paid subscription plans.
The DOJ said, “Subscription plans vary in cost and offer increased attack capability, allowing customers to select different attack durations and relative attack strengths, as well as the ability to launch multiple simultaneous, or ‘concurrent,’ attacks.”
Records from the DownThem service revealed more than 2,000 registered users and more than 200,000 launched attacks, including attacks on homes, schools, universities, municipal and local government websites, and financial institutions around the world.
“The main driver for the increase in DDoS is extortion,” Chris Morales, chief information security officer at Netenrich, a San Jose, California-based resolution intelligence provider, told Granthshala Business.
“DDoS serves the same purpose as ransomware, but with far less effort and no possibility of detection until it does,” Morales said.
Customers pay for this service because “the technical part of the attack… requires some infrastructure and expertise to pull off and is similar to the rise of ransomware-as-a-service,” said Vectra’s Tavakoli.
Some of the people who pay for this service are gamers “looking to get an edge in competitive games, many of which have real money tied to winning competitions,” Netenrich’s chief threat hunter John Bambenek told Granthshala Business.