John Kelsey Gammell, a 46-year-old from New Mexico has been sentenced to 15 years in prison for conducting sustained DDoS attacks (distributed denial of service) against his ex-employer Washburn Computer Group, a point-of-sale system repair company.
Gammell was arrested and charged in November 2017 with hiring cyber attackers to perform DDoS attacks on the company’s cyberinfrastructure between July 2015 to September 2016 using DDoS-for-hire service including vDoS, IPStresser, Inboot, CStress and Booter.xyz.
According to US federal prosecutors, Gammell hired three people and paid them a monthly subscription to carry attacks against the company’s system and bring them down. The attacks cost the company a whopping $15,000 in damages but he didn’t stop there, authorities also accused him of paying $19.99 to $199.99 monthly to conduct cyber attacks on Hennepin County, Minnesota Judicial Branch, and some banks.
Initially, although Gammell pleaded not guilty to the charges and rejected the plea deal offer investigation conducted by the FBI revealed that to get in touch with vDOS, he used two pseudo names “AnonCunnilingus” and “AnonRooster.”
It must be noted that vDOS suffered a data breach in July 2016 and taken offline in September 2016 after two of its key operators were arrested in Israel while an 18-year-old teenager named Jack Chappel from the United Kingdom was arrested and accused of aiding vDOS’ co-founders.
The vDOS database was then leaked online which contained its customer records shows roughly 1,500 people used vDOS from April 2016 to August 2016 and one among them was “AnonCunnilingus.” Furthermore, investigators found an email sent by Gammell to vDOS through customer ticket widget in August 2015 in which he wrote that:
“Dear Colleagues, this is Mr. Cunnilingus. You underestimate your capabilities. Contrary to your statement of “Notice!” It appears from our review that you are trying to stress test a DDoS protected host, vDOS stresser is not capable of taking DDoS protected hosts down which means you will not be able to drop this hosting using vDOS stresser…As they do not have my consent to use my internet, after their site being down for two days, they changed their IP and used Rackspace DDoS mitigation and must now be removed from cyberspace. Verified by downbyeveryone. We will do much business. Thank you for your outstanding product – We Are Anonymous USA.”
Gammell was caught after authorities traced email addresses he used after attackers carried out DDoS attacks upon his instructions. According to a sworn affidavit [PDF] submitted by FBI Special Agent Brian Behm, at the time when Washburn started suffering cyber attacks, there was no way of identifying its culprits since the IP addresses linked to the DDoS attacks was associated with a virtual private network (VPN) provider based in the United States, wrote Behm.
However, during the attacks, Washburn received two taunting emails (with a gif file showing a laughing mouse) asking about the attacks. One of the emails was sent from a Gmail account while the other was a Yahoo email address inquiring whether the company needed help with the ongoing attacks. The FBI discovered that both accounts were created on an IP address associated with Gammell’s home address along with an AT&T cell phone number in his name.
In January 2018, according to a press release from the Department of Justice, Gammell pleaded guilty to directing computer attacks against websites of dozens of victims, as well as felon-in-possession charges. In another press release from the Department of Justice on May 17th, 2018, it was stated that Gammell has been sentenced to 15 years in prison.
“Gammell, who is a convicted felon, also admitted that he possessed parts for use in the building of AR-15 assault rifles, upper and lower receivers, a pistol grip, a trigger guard, 15 high-capacity magazines, a buttstock, a buffer tube, and 420 rounds of 5.56 x 45mm full metal jacket rifle ammunition in Colorado, where he worked,” said the press release.
He further admitted that he possessed a Heckler & Koch P2000 handgun, and a Springfield Armory model 1911-A1, .45 caliber handgun, as well as hundreds of rounds of ammunition in New Mexico, where he resided.”
DDoS attacks are increasing around the world since it has become a lucrative business. If you are running a business; calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.
Image credit: Shutterstock