Operations of the highly powerful Rapper Bot distributed denial-of-service botnet, also known as CowBot and Eleven Eleven Botnet, have been dismantled by U.S. authorities following a warrant against its alleged developer and administrator, Ethan Foltz, who could face up to a decade-long imprisonment over a charge of aiding and abetting cyberattacks, reports CyberScoop.
Attacks with Rapper Bot, which entailed 65,000 to 95,000 compromised devices to reach two to three terabits per second, have been launched against 80 countries, with China, Japan, the U.S., Ireland, and Hong Kong being the most affected, according to officials. Officials, with the help of Amazon Web Services, Google, PayPal, and other firms, have been able to attribute Rapper Bot to Foltz after establishing a link between the botnet's hosting provider and PayPal that exposed his shared email addresses. Foltz remains on the run. "Because Rapper Bot has been in operation since at least 2021, there is a strong likelihood that there are millions of victims, in terms of infected IoT devices, as well as millions of Rapper Bot-initiated DDoS attacks," said a Defense Criminal Investigative Service agent in an affidavit.
Attacks with Rapper Bot, which entailed 65,000 to 95,000 compromised devices to reach two to three terabits per second, have been launched against 80 countries, with China, Japan, the U.S., Ireland, and Hong Kong being the most affected, according to officials. Officials, with the help of Amazon Web Services, Google, PayPal, and other firms, have been able to attribute Rapper Bot to Foltz after establishing a link between the botnet's hosting provider and PayPal that exposed his shared email addresses. Foltz remains on the run. "Because Rapper Bot has been in operation since at least 2021, there is a strong likelihood that there are millions of victims, in terms of infected IoT devices, as well as millions of Rapper Bot-initiated DDoS attacks," said a Defense Criminal Investigative Service agent in an affidavit.
