An Oregon man is facing federal charges over allegations he orchestrated multiple large-scale cyberattacks over the course of several years, federal authorities announced Tuesday.
Ethan Foltz, 22, allegedly developed the “Rapper Bot” Botnet, a network of devices such as digital video recorders and WiFi routers that have been infected with malware and used to conduct distributed denial of service (DDoS) attacks — a type of cyberattack aimed at slowing or shutting down websites, servers or other devices by sending large amounts of requests and overloading the system — since at least 2021, said the U.S. Attorney’s Office in the District of Alaska. Prosecutors said the network is “one of the most sophisticated and powerful DDoS-for-hire Botnets currently in existence.”
Prosecutors said law enforcement officials stopped the attacks on Aug. 6 after executing a search warrant at Foltz’s home in Eugene, Oregon, and obtaining administrative control of his Botnet.
Court documents allege Foltz loaned “Rapper Bot” to paying customers who targeted victims in over 80 countries, including a U.S. government network, a social media platform and U.S. tech companies. The Department of Justice’s news release did not disclose the specific victims.
“Rapper Bot” was controlling approximately 65,000 to 95,000 infected devices and using them to send a massive amount of data, about 2 to 3 terabits per second, in order to overwhelm the target’s bandwidth, according to prosecutors. At least five infected victim devices were believed to be in Alaska, investigators said.
Foltz is charged with one count of aiding and abetting computer intrusions, prosecutors said. If convicted, he could face up to 10 years in prison. It wasn’t immediately clear if Foltz has legal representation.
Special Agent in Charge Kenneth DeChellis of the Department of Defense Office of Inspector General said the charge against Foltz highlights efforts to “disrupt and dismantle emerging cyber threats targeting the Department of Defense and the defense industrial base.”
The case is part of Operation PowerOFF, an ongoing international law enforcement effort aimed at dismantling criminal DDoS-for-hire infrastructures worldwide, authorities said.
In December 2024, federal authorities seized 27 internet domains associated with DDoS-for-hire services and charged two people who allegedly oversaw the services.
(Except for the headline, this story has not been edited by PostX News and is published from a syndicated feed.)
