John Kelsey Gammell, 55, from New Mexico has been sentenced to 15 years in prison for launching distributed denial-of-service (DDoS) attacks on dozens of organizations and for firearms-related charges.
The man used popular ‘services of “DDoS-for-hire” companies to power DDoS attacks against its victims, cyberattacks, including VDoS, CStress, Inboot, Booter.xyz, and IPStresser.
The list of the victims is long and include business competitors, former employers, law enforcement agencies, courts, banks, telecoms companies, and firms that refused to hire him.
The man used VPN services to hide his identity and cryptocurrency for his payments, but he was identified due to a poor ops sec. The man sent emails to the victims while they were under DDoS attacks and proposed his services to mitigate the problems. The mails were sent from Gmail and Yahoo accounts he accessed from his home without masquerading his real IP address.
The man initially rejected a plea deal, but in January he pleaded guilty to commit intentional damage to a protected computer, admitting to launching DDoS attacks on websites in the United States in the period between July 2015 and March 2017. He also pleaded guilty to two counts of being a felon-in-possession of firearms and ammunition.
The man was condemned to 180-month in jail and will have to compensate the victims of his DDoS attacks, the overall amount will be determined soon.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – distributed denial-of-service, cybercrime)
[adrotate banner=”5″]
[adrotate banner=”13″]
Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks Junos OS MX…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds six Microsoft Windows flaws to its Known Exploited…
Microsoft Patch Tuesday security updates for March 2025 address 56 security vulnerabilities in its products,…
The Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers, Cato…
Apple addressed a zero-day vulnerability, tracked as CVE-2025-24201, that has been exploited in "extremely sophisticated"…
Switzerland's NCSC mandates critical infrastructure organizations to report cyberattacks within 24 hours of discovery. Switzerland's…
This website uses cookies.