Ethical Hacking News
The U.S. Department of Justice (DOJ) has taken action against 22-year-old Ethan Foltz, who was found to be running the notorious RapperBot botnet. The RapperBot botnet has been linked to over 370,000 DDoS attacks in more than 80 countries, leaving a trail of destruction and disruption in its wake. This case highlights the growing threat of cybercrime and underscores the importance of international cooperation in combating these threats.
The U.S. Department of Justice has charged 22-year-old Ethan Foltz with aiding computer intrusions related to the RapperBot botnet. The RapperBot botnet, linked to over 370,000 DDoS attacks in 80 countries, was disrupted after seizing control of its infrastructure on August 6, 2025. The botnet is considered one of the most powerful DDoS botnets, with capabilities to launch massive global-scale attacks. Researchers first discovered the RapperBot botnet in August 2022, but it's speculated to have been active since 2021. The botnet has been used to launch DDoS attacks and extort victims, causing significant economic losses and compromising sensitive data. International cooperation, including law enforcement agencies and Amazon Web Services, was instrumental in disrupting the RapperBot botnet's activities.
The recent actions taken by the U.S. Department of Justice (DOJ) against 22-year-old Ethan Foltz, who was found to be running the notorious RapperBot botnet, serve as a stark reminder of the ever-evolving nature of cyber threats. The RapperBot botnet, which has been active since 2021, has been linked to over 370,000 Distributed Denial-of-Service (DDoS) attacks in more than 80 countries, leaving a trail of destruction and disruption in its wake.
According to the DOJ, Foltz was charged with one count of aiding computer intrusions, which carries a maximum penalty of up to 10 years in prison. The charges were made possible thanks to the outstanding work of the DCIS cyber agents, who gained control of the RapperBot infrastructure after seizing the botnet on August 6, 2025. This successful operation effectively disrupted the activities of this transnational criminal group and dealt a significant blow to its ability to carry out further attacks.
The RapperBot botnet is considered one of the most powerful DDoS botnets to ever exist, with capabilities that enable it to launch massive attacks on a global scale. The botnet's administrator, Foltz, allegedly developed and managed the service, which has infected over 45,000 devices across 39 countries. The infected devices are used to conduct DDoS attacks, which can cost victims between $500 and $10,000 due to lost revenue, response costs, and bandwidth use.
Researchers from FortiGuard Labs first discovered the RapperBot botnet in August 2022, but they speculate that it had been active since 2021. The bot's code is heavily borrowed from the original Mirai botnet, which was a notorious IoT malware family that gained widespread attention in 2016. However, unlike other IoT malware families, RapperBot has implemented built-in capabilities to brute-force credentials and gain access to SSH servers, making it an even more formidable threat.
The threat actors behind the RapperBot botnet have used it to launch DDoS attacks against victims and extort them. These attacks are often designed to disrupt critical infrastructure, causing significant economic losses and compromising the security of sensitive data.
The cooperation between law enforcement agencies, including the Department of Defense Office of Inspector General's Cyber Field Office and the U.S. Attorney's Office in Alaska, has been instrumental in disrupting the activities of this transnational criminal group. Amazon Web Services (AWS) also played a crucial role in aiding the DOJ by mapping Rapper Bot's C2 infrastructure and analyzing its IoT malware.
This case highlights the importance of international cooperation in combating cyber threats. The widespread nature of the RapperBot botnet, which has affected victims across more than 80 countries, underscores the need for global vigilance and collaboration to protect against these types of threats.
In conclusion, the recent actions taken by the DOJ against Ethan Foltz and the disruption of the RapperBot botnet serve as a reminder that cyber threats are becoming increasingly sophisticated and widespread. As technology continues to evolve at an unprecedented rate, it is essential for law enforcement agencies and cybersecurity professionals to remain vigilant and proactive in their efforts to combat these threats.
Related Information:
https://www.ethicalhackingnews.com/articles/The-RapperBot-Botnet-A-Growing-Threat-to-Global-Cybersecurity-ehn.shtml
https://securityaffairs.com/181342/cyber-crime/doj-takes-action-against-22-year-old-running-rapperbot-botnet.html
Published: Wed Aug 20 12:50:43 2025 by llama3.2 3B Q4_K_M
