Federal prosecutors have charged a 22-year-old Oregon man with operating one of the most sophisticated DDoS-for-hire botnets in existence, according to a criminal complaint filed in Alaska District Court.
Ethan Foltz of Eugene, Oregon, allegedly administered the “Rapper Bot” network that conducted over 370,000 cyberattacks against victims in more than 80 countries since 2021.
The Department of Justice announced Tuesday that Rapper Bot, also known as “Eleven Eleven Botnet” and “CowBot,” compromised between 65,000 to 95,000 infected devices, including digital video recorders and WiFi routers, to launch massive distributed denial-of-service attacks.
These attacks routinely measured between two to three terabits per second, with the largest potentially exceeding six terabits per second.
Global Impact and Sophisticated Operations
Court documents reveal that Rapper Bot targeted high-profile victims, including U.S. government networks, popular social media platforms, and major technology companies.
From April 2025 tothe present, the botnet attacked approximately 18,000 unique victims worldwide, demonstrating the scale of its criminal enterprise.
The financial impact of these attacks proved substantial, with prosecutors estimating that a single 30-second attack averaging over two terabits per second could cost victims between $500 to $10,000 in lost revenue, customer dissatisfaction, and bandwidth expenses.
Some customers allegedly used the botnet’s powerful capabilities for extortion schemes, leveraging attack threats against potential victims.
Law Enforcement Response
On August 6, 2025, federal agents executed a search warrant at Foltz’s Oregon residence, effectively terminating Rapper Bot’s attack capabilities and transferring administrative control to the Defense Criminal Investigative Service.
No attacks have been reported since law enforcement gained control of the network.
“Rapper Bot was one of the most powerful DDoS botnets to ever exist, but the outstanding investigatory work by DCIS cyber agents and support of my office and industry partners has put an end to Foltz’s time as administrator,” stated U.S. Attorney Michael J. Heyman for the District of Alaska.
The investigation involved collaboration between multiple agencies and private sector partners, including Akamai, Amazon Web Services, Cloudflare, and Google as part of Operation PowerOFF, an international effort targeting DDoS-for-hire infrastructures.
Foltz faces charges of aiding and abetting computer intrusions, carrying a maximum penalty of 10 years in prison if convicted.
The case demonstrates law enforcement’s continued focus on dismantling cybercriminal networks that threaten critical infrastructure and internet security globally.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates
%20(1).webp?resize=1600,900&ssl=1&description=Ethan Foltz of Eugene, Oregon, allegedly administered the "Rapper Bot" network that conducted over 370,000 cyberattacks against victims in more than 80 countries since 2021.){kind=link}