Tucker Preston, the co-founder of DDoS mitigation firm BackConnect Security LLC, has pleaded guilty to one count of damaging computers. The 22-year-old Georgian was accused of performing a DDoS attack on an unnamed site, and entered a guilty plea agreement.
“Victim 1 was a company engaged in business in multiple states and kept and maintained servers in the District of New Jersey,” reads the agreement. “Service 1 was an entity that engaged in DDoS attacks. In exchange for a fee, Service 1 would carry out DDoS attacks targetting victims selected by its customers…In or around December 2015, defendant Tucker Preston paid Service 1 to engage in DDoS attacks against Victim 1.”
The court documents were discovered by KrebsOnSecurity, who previously reported on BackConnect’s tendency to hijack addresses from hundreds of ISPs to protect itself from a DoS attack performed by the now-shuttered DDoS-for-hire service vDOS.
vDOS was hacked in 2016 and its likely owners detained by police shortly after. Among the hack was a leaked database, which Krebs says contains several email aliases associated with a domain registered by Preston. That account was reportedly active in assaults on numerous targets, including the Free Software Foundation. The FSF told BackConnect in 2016 that it experienced the attacks shortly after it declined to work with BackConnect.
BackConnect Security LLC was renamed in April 2016 when Preston was voted out the company and forced to sell his share. The now BackConnect Inc appears to be under the helm of Marshal Webb, and is wholly separate from the LLC.
According to the US Justice Department, the count that Preston pleaded guilty to can hold a fine of up to $250,000 or twice the gross loss or gain from the offense. The maximum prison sentence is 10 years. Preston isn’t set for sentencing until early May, so it’s unclear what his punishment will be at this time.