Federal authorities have charged a 22-year-old Oregon man with operating one of the most powerful distributed denial-of-service (DDoS) botnets ever discovered, marking a significant victory in the ongoing battle against cybercriminal infrastructure.
Ethan Foltz of Eugene, Oregon, faces federal charges for allegedly developing and administering the “Rapper Bot” DDoS-for-hire service, which has been conducting large-scale cyberattacks since at least 2021.
The botnet, also known as “Eleven Eleven Botnet” and “CowBot,” represents one of the most sophisticated criminal cyber operations uncovered by law enforcement.
According to court documents filed in the District of Alaska, Rapper Bot primarily compromised internet-connected devices including digital video recorders (DVRs) and WiFi routers by infecting them with specialized malware.
Once infected, these devices were forced to participate in coordinated attacks against victims worldwide, generating massive volumes of malicious traffic designed to overwhelm target systems.
Unprecedented Scale and Impact
The scope of Rapper Bot’s operations was staggering. Federal investigators determined the botnet targeted victims across more than 80 countries, including U.S. government networks, popular social media platforms, and numerous technology companies.
From April 2025 to the present, the operation allegedly conducted over 370,000 attacks against 18,000 unique victims.
The botnet’s technical capabilities were equally impressive and concerning. Court documents reveal that Rapper Bot utilized between 65,000 to 95,000 infected victim devices to conduct DDoS attacks typically measuring two to three terabits per second.
The largest documented attack may have exceeded six terabits per second, representing an enormous volume of malicious traffic capable of crippling even well-defended targets.
The financial impact on victims was substantial. According to the criminal complaint, a single DDoS attack averaging over two terabits per second and lasting just 30 seconds could cost victims between $500 and $10,000 in lost revenue, response costs, and bandwidth expenses.
Some customers allegedly used the botnet’s capabilities for extortion schemes, threatening targets with devastating attacks unless payments were made.
On August 6, 2025, law enforcement executed a search warrant at Foltz’s Oregon residence and successfully terminated Rapper Bot’s attack capabilities.
The Defense Criminal Investigative Service (DCIS) obtained administrative control of the botnet infrastructure, effectively ending its criminal operations. No Rapper Bot attacks have been reported since law enforcement assumed control.
The investigation involved extensive cooperation between federal agencies and private sector partners, including major technology companies like Akamai, Amazon Web Services, Cloudflare, and Google.
This collaborative approach was part of Operation PowerOFF, an international initiative targeting criminal DDoS-for-hire services.
Foltz faces charges of aiding and abetting computer intrusions, carrying a maximum penalty of 10 years in prison.
The case demonstrates law enforcement’s growing capability to disrupt sophisticated cybercriminal enterprises threatening global internet infrastructure.
Find this News Interesting! Follow us on Google News, LinkedIn, and X to Get Instant Updates!
Source link
