Federal prosecutors have put the spotlight on a 22-year-old man from Oregon, Ethan Foltz, over his alleged control of an extensive botnet accused of taking down Elon Musk’s social-media site, X, just this year.
Reportedly hailing from Eugene, Oregon, Foltz ran what’s known as the Rapper Bot network, and as of now, he hasn’t commented on the allegations. The legal implications are serious, with the prosecutor’s office indicating he could face up to ten years in prison for aiding cyber intrusions.
The Rapper Bot network is no small fry; it comprises tens of thousands of hacked devices capable of generating a barrage of junk traffic to overwhelm targeted websites, a tactic known as distributed denial of service (DDoS) attacks.
In a remarkable instance back in February, Nokia measured traffic from a Rapper Bot attack hitting a gaming platform at an astonishing rate of 6.5 trillion bits per second—that’s way higher than the average high-speed internet connection that usually peaks at a few hundred million bits per second.
According to a criminal complaint filed Tuesday in Alaska, the Rapper Bot network ranks among the heftiest DDoS botnets ever observed.
Law enforcement officials explained that the alarming firepower of Rapper Bot overshot all but the most heavily fortified networks. Tom Scholl, an esteemed engineer at Amazon Web Services, noted, “For smaller organizations without the resources of major cloud providers, these DDoS assaults can cause significant operational disruptions.”
Investigators say Foltz allegedly rented this powerful botnet to paying clients, some of whom were gambling site operators engaging in extortion schemes.
The botnet is reported to have conducted more than 370,000 attacks across 80 countries, prominently including the U.S., Japan, and China, mostly exploiting hacked routers and security cameras instead of standard computers.
High-stakes targets included various entities such as government networks in the U.S., a noted social media platform, and numerous tech companies in the country.
The blacklist didn’t stop at X; the AI firm DeepSeek counted itself among the victims, according to reports from the Chinese cybersecurity company Qi An Xin Technology, both companies haven’t issued comments just yet.
Furthermore, the botnet was implicated in attacks on the Defense Department’s systems on at least three separate occasions as indicated in the complaint.
As Jérôme Meyer, research analyst at Nokia’s Deepfield network said, “At its peak, the network tapped into tens of thousands of devices, many of which had no previous involvement in such attacks. Eliminating this setup would significantly reduce one of the biggest attack threats we’ve been witnessing.”
For any inquiries, you can reach Robert McMillan via email at robert.mcmillan@wsj.com
