A New Mexico man has pleaded guilty to engaging in and launching distributed denial of service (DDoS) attacks against a slew of websites belonging to former employers, business competitors and law enforcement. John Kelsey Gammell pleaded guilty to one count of conspiracy to commit intentional damage to a protected computer and two counts of being a felon-in-possession of a firearm before a Minnesota District court on Wednesday (17 January).
According to a Justice Department release, 55-year-old Gammell's campaign lasted from around July 2015 to March 2017 during which he initiated multiple attacks against websites across the US designed to cripple their networks with fake traffic.
Besides using his own computers to launch DDoS attacks, he also used "DDoS-for-hire" services such as VDoS, Inboot, CStress, Booter.xyz and IPStresser to initiate attacks.
Officials said he targeted dozens of websites including those of Washburn Computer Group, Dakota County Technical College, Minneapolis Community and Technical College, the Minnesota State Courts and the Hennepin County Sheriff's Office.
The Justice Department noted that Gammell took a number of steps to evade detection, cover his tracks and get around his victims' DDoS attack mitigation efforts. These include using IP address anonymisation to mask his identity and location, using cryptocurrency to pay for the DDoS-for-hire services, using multiple services at the same time to "amplify his attacks", using spoofed emails as well as drive-cleaning tools and encryption.
Prohibited from possessing firearms or ammunition due to prior convictions, Gammell admitted to possessing parts to build A5-15 assault rifles, upper and lower receivers, a buttsock, a bugger tube, a pistol grip, a trigger guard, 420 rounds of 5.56 x 45mm full metal jacket rifle ammunition and 15 high-capacity magazines in Colardo. He also admitted to possessing a Springfield Armory model 1911-A1, .45 caliber handgun, a Heckler & Koch P2000 handgun and hundreds of rounds of ammo in New Mexico.
Gammell will be sentenced at a later date.
Over the past few years, DDoS attacks have become more sophisticated, common and cheaper to carry out as a popular tool in cybercriminals' arsenal.
According to a recent report by SecureList, the cost of a basic DDoS attack lasting 300 seconds can go for as little as €5 ($6) on the black market while heavier attacks can cost up to €90 ($110).
"The motives behind such attacks can vary – from cyber-hooliganism to extortion," researchers said. "DDoS attacks and, in particular, ransomware DDoS have already turned into a high-margin business. And the fact that the owners of online sites are often willing to pay a ransom without even checking whether the attackers can actually carry out an attack (something that other fraudsters have already picked up on) adds even more fuel to the fire."