Federal investigators have dismantled one of the world’s most powerful distributed denial-of-service (DDoS) botnets and charged its alleged administrator with orchestrating cyberattacks that targeted victims across more than 80 countries. 

Ethan Foltz, 22, of Eugene, Oregon, faces federal charges for allegedly operating the “Rapper Bot” botnet, also known as “Eleven Eleven Botnet” and “CowBot,” which conducted sophisticated DDoS attacks since at least 2021.

Key Takeaways
1. An Oregon man, 22, charged for operating a massive DDoS botnet, faces 10 years prison.
2. 370,000+ attacks across 80+ countries using 65,000-95,000 hijacked devices.
3. FBI seized control and shut down the botnet on August 6, 2025.




Massive Scale of Cyberattacks Revealed



The Rapper Bot operation represented a significant threat to global internet infrastructure, utilizing between 65,000 and 95,000 compromised devices to launch devastating attacks. 



Court documents reveal that the botnet primarily infected Internet of Things (IoT) devices, including Digital Video Recorders (DVRs) and WiFi routers, by deploying specialized malware that converted these devices into unwitting participants in cyberattacks.



The scale of the operation was unprecedented, with investigators documenting over 370,000 attacks targeting 18,000 unique victims from April 2025 to the present. 



These DDoS attacks are commonly measured between two and three terabits per second, with the largest attack potentially exceeding six terabits per second. 



Such massive attack volumes could cost victims anywhere from $500 to $10,000 for a 30-second attack, not including lost revenue, customer dissatisfaction, and incident response costs.



The criminal enterprise monetized its illegal services by providing paying customers access to what prosecutors describe as “one of the most sophisticated and powerful DDoS-for-hire Botnets currently in existence”. 



Targets included critical infrastructure such as U.S. government networks, popular social media platforms, and numerous technology companies. 



Some clients allegedly used the botnet’s capabilities for extortion, leveraging the threat of massive DDoS attacks to force victims.



On August 6, 2025, the Defense Criminal Investigative Service (DCIS) executed a search warrant at Foltz’s residence, successfully terminating the botnet’s attack capabilities and seizing administrative control. 



The disruption was part of Operation PowerOFF, an international law enforcement initiative targeting DDoS-for-hire infrastructures worldwide.



Industry partners, including Akamai, Amazon Web Services, Cloudflare, and Google, provided crucial assistance in the investigation.



Foltz faces allegations of assisting in computer intrusions, which carries a potential sentence of ten years in jail.  



The case demonstrates law enforcement’s growing capability to combat sophisticated cybercriminal operations that threaten global internet security and infrastructure.



Safely detonate suspicious files to uncover threats, enrich your investigations, and cut incident response time. Start with an ANYRUN sandbox trial → 
The post Hacker Charged in Connection with DDoS-for-Hire ‘Rapper Bot’ Scheme appeared first on Cyber Security News.
				
21 August  2025
				>> Read More