In August 2025, U.S. federal authorities announced the arrest of Ethan Foltz, a 22-year-old from Oregon, alleged administrator of the infamous “RapperBot” DDoS-for-hire Botnet.

According to the U.S. Department of Justice, RapperBot also known as “Eleven Eleven Botnet” and “CowBot” infected Digital Video Recorders (DVRs), Wi-Fi routers, and other connected devices, leveraging them to launch Distributed Denial-of-Service (DDoS) attacks against thousands of victims worldwide.

Since at least 2021, RapperBot has carried out over 370,000 attacks, targeting 18,000 unique victims across more than 80 countries, including U.S. government networks, social media platforms, and leading technology companies. Some of the attacks reached over six terabits per second (Tbps), making RapperBot one of the most powerful botnets in existence.

The takedown, part of Operation PowerOFF, highlights both the global nature of cybercrime and the increasing sophistication of cybercriminal infrastructure.

What Businesses and Individuals Should Learn

1. IoT Vulnerabilities Are Prime Targets: Devices like DVRs and routers often remain poorly secured, with weak/default passwords or unpatched firmware. Once compromised, they can be weaponized at scale.
2. DDoS Is More Than Downtime, It’s Extortion: RapperBot’s operators not only disrupted services but also demanded ransom payments from victims to stop attacks.
3. The Hidden Cost of Attacks Is Staggering: A DDoS attack averaging 2 Tbps for just 30 seconds can cost between $500–$10,000 in bandwidth usage, lost revenue, and customer churn.
4. Botnets Expand Into New Threat Models: Reports linked RapperBot not only to DDoS attacks but also to cryptojacking, where hijacked devices were used to mine cryptocurrency.
5. Cybercrime Relies on Weak Digital Identity Hygiene: Investigators tied RapperBot’s administrator to PayPal, Gmail, and ISP activity. Weak digital footprints made attribution possible.

Where Our Firm Can Help

The RapperBot case reinforces the urgent need for comprehensive cybersecurity readiness. Our consulting firm provides tailored services designed to address the exact areas exploited by botnets and cybercriminal groups:

• Password Security.
• Personal Data & Social Media Security.
• Incident Response & Recovery. 
• Compliance & Regulatory Services. 
• Penetration Testing & Vulnerability Assessments.
• Cyber Protection Academy.
• Cybersecurity Recruitment Services. 

Conclusion

The disruption of RapperBot demonstrates the power of collaboration between law enforcement, private sector partners, and cybersecurity professionals. While Foltz faces up to 10 years in prison if convicted, businesses and individuals cannot afford to wait for criminals to be caught before acting. Every connected device, network, and user is a potential target, or a potential weapon in the wrong hands.

Our mission is to help you stay secure, compliant, and resilient against threats like RapperBot.