A New Mexico man has pleaded guilty to launching DDoS attacks against a slew of websites operated by former employers, business competitors, law enforcers and courts over a two-year-period.
John Kelsey Gammell pleaded guilty at a District Court in St. Paul, Minnesota on Wednesday to one count of conspiracy to commit intentional damage to a protected computer and two counts of being a felon-in-possession of a firearm.
His campaign lasted from around July 2015 to March 2017, and revolved around the use of multiple “DDoS-for-hire” services including VDoS, CStress, Inboot, Booter.xyz and IPStresser.
One notable attack launched against a former employer was to prove his undoing.
According to court documents, Gammell had a dispute with his former employer, Washburn Computer Group, in July 2014 and proceeded to DDoS the firm.
Although he used various techniques for anonymizing his identity — such as IP address masking services and paying for the DDoS services with crypto-currency — and encryption and drive-cleaning tools to conceal digital evidence on his computers, he came unstuck by emailing his former employer.
Grand jury subpoenas were served to Google and Yahoo to hand over the account details of the registrant for those emails, which led police directly to Gammell.
Those attacks are said to have caused a minimum $15,000 loss for the electronics company.
However, it was discovered that he had also fired DDoS attacks at companies that declined to hire him in the past and competitors of his soldering business.
Those listed by the Department of Justice include: the Minnesota State Courts, Dakota County Technical College, Minneapolis Community and Technical College and the Hennepin County Sheriff’s Office.
Gammell, who is banned from possessing firearms or ammunition based on prior convictions, also admitted possessing parts to build AR-15 assault rifles, as well as several handguns and ammo.
Organizations experienced an average of 237 DDoS attack attempts per month during Q3: a 35% increase in monthly attempts compared to the previous quarter, and a 91% increase in monthly attack attempts compared to Q1, according to Corero Network Security.