fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Admin of DDoS Service Behind 200,000 Attacks Faces 35yrs In Prison

Admin of DDoS Service Behind 200,000 Attacks Faces 35yrs In Prison

At the end of a nine-day trial, a jury in California this week found guilty the administrator of two distributed denial-of-service (DDoS) operations.

32-year old Matthew Gatrel of St. Charles, Illinois, ran two websites that allowed paying users to launch more than 200,000 DDoS attacks on targets in both the private and public sector.

Booter service and bulletproof server hosting

Court documents reveal that Gatrel had been operating the DDoS services since at least October 2014. He ran two sites, DownThem and Ampnode, both enabling DDoS attacks.

Gatrel used DownThem to sell subscriptions for his DDoS services (also called “booters“ or “stressers“) and AmpNode offered “bulletproof” server hosting options to customers that needed servers pre-configured with DDoS attack scripts and lists of vulnerable systems that could amplify the assault.

Also Read: Personal Data Websites: 3 Things That You Must Be Informed

When going through the records of the DownThem booter website, the investigators found it had more than 2,000 registered customers. According to the documents, users are responsible for launching over 200,000 DDoS attacks.

The targets ranged from homes and schools, to universities, municipal and local government websites, and financial institutions from all over the world.

“Often called a “booting” service, DownThem itself relied upon powerful servers associated with Gatrel’s AmpNode bulletproof hosting service. Many AmpNode customers were themselves operating for-profit DDoS services” – the U.S. Department of Justice

Customers could choose from multiple subscriptions, each coming with various attack capabilities such as duration, strength, or the possibility of concurrent attacks.

With the sight set on a target, the service would use the AmpNode attack servers to run “reflected amplification attacks” using resources from “hundreds or thousands of other servers connected to the internet.”

Gatrel was not alone in this. He received helped administering the DownThem website from 28-year old Juan Martinez of Pasadena in 2018.

Unlike Gatrel, Martinez already pleaded guilty and is awaiting his sentence scheduled for December 2. He is facing a statutory maximum sentence of 10 years in federal prison.

Also Read: PDPA For Companies: Compliance Guide For Singapore Business

Gatrel is facing a maximum statutory sentence of 35 years in a federal prison for the three felonies he has been found guilty of:

  • one count of conspiracy to commit unauthorized impairment of a protected computer
  • one count of conspiracy to commit wire fraud
  • one count of unauthorized impairment of a protected computer

His sentencing has been scheduled for January 27, 2022.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us