Between February and August, the #Eleven11 was on the news. Using the parallel #DNS root #OpenNIC was nothing new for a botnet. Yet, this botnet was the first known botnet of it's size using the OpenNIC system.
We summarized insights in a new blog post: 161 Days of Eleven11
DDoS Botnet Aisuru Blankets US ISPs in Record DDoS
https://krebsonsecurity.com/2025/10/ddos-botnet-aisuru-blankets-us-isps-in-record-ddos/
#U.S.DepartmentofJustice #InternetofThings(IoT) #CharterCommunications #GlobalSecureLayer #LatestWarnings #TheComingStorm #ErikBuckingham #StevenFerguson #DDoS-for-Hire #ddos-for-hire #ProjectShield #rolanddobbins #RobertCoelho #WebFraud2.0 #9gigsofram #Botshield #Minecraft #ProxyPipe #RapperBot #TCPShield #NETSCOUT #T-Mobile #Totolink #Comcast #Verizon
Rekord-#Botnet abgeschaltet: 22-Jähriger aus Oregon beschuldigt | Security https://www.heise.de/news/Rekord-Botnet-abgeschaltet-22-Jaehriger-aus-Oregon-beschuldigt-10550417.html #DDoS #Malware #CyberCrime #RapperBot
RapperBot Botnet Disrupted, American Administrator Indicted
https://www.securityweek.com/rapperbot-botnet-disrupted-american-administrator-indicted/
#Infosec #Security #Cybersecurity #CeptBiro #RapperBot #Botnet
Oregon Man Charged in ‘Rapper Bot’ DDoS Service
#RapperBot
https://krebsonsecurity.com/2025/08/oregon-man-charged-in-rapper-bot-ddos-service/
Rapper Bot just evolved: from hijacking home devices to powering crypto mining and launching thousands of massive attacks worldwide. How are authorities turning the tide on this cyber threat?
https://thedefendopsdiaries.com/the-evolution-and-impact-of-the-rapper-bot-malware/
#DOJ takes action against 22-year-old running #RapperBot #Botnet
https://securityaffairs.com/181342/cyber-crime/doj-takes-action-against-22-year-old-running-rapperbot-botnet.html
#securityaffairs #hacking #malware
A 22-year-old from Oregon built a DDoS-for-hire botnet so massive it launched 370,000+ attacks across 80 countries.
Powered by 95,000 hacked devices, “#RapperBot ” could blast traffic at 6 Tbps—enough to cripple major platforms.
The FBI just shut it down.
#CyberAttacks #botnet
https://thehackernews.com/2025/08/doj-charges-22-year-old-for-running.html
Oregon Man Charged in ‘Rapper Bot’ DDoS Service - A 22-year-old Oregon man has been arrested on suspicion of operating “Rapper Bot,”... https://krebsonsecurity.com/2025/08/oregon-man-charged-in-rapper-bot-ddos-service/ #defensecriminalinvestigativeservice #neer-do-wellnews #alittlesunshine #elliottpeterson #ddos-for-hire #projectshield #ethanj.foltz #rapperbot #slaykings #google #paypal #forky #gmail
Oregon Man Charged in ‘Rapper Bot’ DDoS Service
https://krebsonsecurity.com/2025/08/oregon-man-charged-in-rapper-bot-ddos-service/
#DefenseCriminalInvestigativeService #Ne'er-Do-WellNews #ALittleSunshine #ElliottPeterson #DDoS-for-Hire #ProjectShield #EthanJ.Foltz #RapperBot #Slaykings #google #Paypal #Forky #gmail
#RapperBot is no more: https://www.justice.gov/usao-ak/pr/oregon-man-charged-administering-rapper-bot-ddos-hire-botnet
(I had been wondering why the C2 nodes were being rude to our tracking clients since August 6. Now I know!)
Quick nod to the brilliant folks at @nicter_jp and @xlab_qax: their latest research shows #Eleven11bot is really the next #Rapperbot evolution, leveraging a brand‑new device family.
Teamwork in action 👉 https://blog.nicter.jp/2025/06/rapperbot_2025_2g/ | https://blog.xlab.qianxin.com/rapperbot-en/
A record-breaking #DDoS attack just slammed a hosting provider with 7.3 Tbps of traffic.
It lasted 45 seconds—and bombarded 34,000+ ports per second.
Cloudflare blocked it. But #RapperBot is just getting started. #CyberAttacks #botnet https://thehackernews.com/2025/06/massive-73-tbps-ddos-attack-delivers.html
🤖 #DeepSeek's shaken up the entire AI scene in less than a week. Now it's facing massive cyber attacks
We've investigated the timeline and analyzed #HailBot and #RapperBot, the botnets behind the latest disruptions ⬇️
The latest variant of the #RapperBot #botnet adds #cryptojacking capabilities
https://securityaffairs.com/146207/malware/rapperbot-botnet-adds-cryptojacking.html
#securityaffairs #hacking #malware
#rapperbot
9cd7c3380a41e08b4730fa19e110af06
005f0aafeff523f7c4f03ee55347782d
d9fa7e2d408784614c49b9ea696c251c
4e7be1b81e6c6c9e2c2da802789fdffc
fbfb0671edc84fb784409b9f398e65f4
82828c8dd607f4558d234ca57b2baac2
1d91d3d0d88bd216634f7261f1755c63
#rapperbot
e996bbe2ebde333ee6c7ba78e4fb5e63
2a0dace3cfe5115995f26768f711f011
d9fa7e2d408784614c49b9ea696c251c
82828c8dd607f4558d234ca57b2baac2
4e7be1b81e6c6c9e2c2da802789fdffc
005f0aafeff523f7c4f03ee55347782d
d6a680ac64ad4917992d6d457d840d71
fbf9881a2161407473b164c3494facd1
bdb47579bf505bdf212cf1301790c9aa
5305de8bfe68d7432c2f085cbe5eedf9
#RapperBot Targets Game Servers with Modified #BruteForce and #DDoS #Attacks. #RapperBot #IoT #botnet is back with new capabilities that include launching #DDoS #attacks against game servers. It is heavily influenced by the #Mirai #botnet and has been active since mid-July
https://cyware.com/news/rapperbot-targets-game-servers-with-modified-brute-force-and-ddos-attacks-4294e924/?&web_view=true
#security
Warning: New RapperBot Campaign Aims to Launch DDoS Attacks at Game Servers
https://thehackernews.com/2022/11/warning-new-rapperbot-campaign-aims-to.html #Cybercrime #Malware #RapperBot #DDoS
New Linux #malware, focused on IoT: https://www.fortinet.com/blog/threat-research/new-rapperbot-campaign-ddos-attacks
The #osquery rules we've open-sourced at https://github.com/chainguard-dev/osquery-defense-kit already have your back.
Here are the alerts that will fire when a node is infected with #RapperBot:
- hidden-executable
- unexpected-exec-dir
- sketchy-fetchers
- unexpected-executable-permissions
- unexpected-talkers
