14 DAY TRIAL // Grant Manser, 20, of Kidderminster, a town near Birmingham, in the UK, has pleaded guilty to selling DDoS stressers on the Dark Web that had been used to bring down servers and websites in the UK and many European countries.
Manser started his life of cyber-crime when he was only sixteen, saying that he got the idea to create and sell his own DDoSing tool when he worked for another hacker from the US and saw the amount of money that person made.
The UK teen built his own DDoS stresser and started advertising it on websites hosted on the Dark Web. Manser operated between January 2012 and November 2014, during which time he created tools such as Dejabooter, Vexstresser, netspoof and Refinedstresser.
Hacker made £50,000 in four years
Local law enforcement discovered his operation after DDoS attacks on two UK schools, Harrogate and Hull College. Unhappy students that had to stay after school for detention bought Manser's tool and launched attacks on their institutions' websites.
Police tracked down various attacks to Manser's tools, and eventually managed to detect his real identity, even if ran his operation from the Dark Web.
Authorities arrested the teen and seized his computer equipment. Manser has now pleaded guilty to six hacking charges under the Computer Misuse Act and four under the Serious Crime Act.
In the four years he ran his website for selling DDoS stressers, Manser made £50,000 ($70,000). The price for his tools was between £4.99 and £20 ($7 and $28), and payments were handled via PayPal.
DDoS tools contained safeguards to prevent attacks on police, FBI
Prosecutors say that Manser's operation grew so large, that he took out ads for support staff. They also said Manser's site had 12,800 registered users, of which 400 bought his tools, launching 603,499 DDoS attacks on 224,548 targets.
The judge sentenced the teenager to two years youth detention suspended for 18 months. He also has to perform 100 hours of community work and pay damages of £800 ($1,130).
The judge went easy on the suspect because his lawyer argued that Manser did not partake in the attacks, did it only for monetary gains, which he mostly saved.
Additionally, the judge was also impressed by the fact that Manser built secret safeguards in his software that prevented the tools from being used to attack hospitals, banks, the police, or the FBI.
UPDATE: A source close to Manser and with knowledge of case details has provided Softpedia more information regarding the case. The article above was not been updated.
Manser apparently made more than £50,000, as law enforcement claim. He used multiple PayPal accounts to store his money employing a scheme known as "Account Holders" where other people would receive the payments, hold the money in their account, and get a cut later on.
Besides the four DDos stressers, Manser, according to our source, was also involved in the creation of RageBooter as well.
The flaw in his operation appears to have been his rampant use of Skype, an insecure technology. This information is not confirmed with UK authorities, but Microsoft is known to collaborate with law enforcement agencies and provide data on its users under a warrant.