Types of Botnets and How They Work
Botnets are an increasingly popular and dangerous form of malware, allowing cyber criminals to automate many illegal actions. These include data theft, sabotage of services, spam email generation and malicious traffic creation for distributed denial-of-service (DDoS) attacks.
The simplest types of botnets operate on a client-server architecture, where one command and control (C&C) server controls the entire network. This structure makes it easier for law enforcement to locate the C&C server and sever the communication link between the bot herder and the infected devices, thus stopping the botnet.
Other types of botnets use a decentralized peer-to-peer structure. This is easier for defenders to identify and stop, but it can lead to more problems as the herder seeks out infected devices.
In the most basic model of a P2P botnet, each infected device communicates with other infected devices via a list of addresses. Those devices share updates and information with each other, making it easy for the herder to direct the zombie computers to execute coordinated illegal actions.
Often, these zombie computers will attempt to connect to the herder through a variety of methods, including phishing emails, exploit kits, and click fraud campaigns. Once connected, the herder can send the infected devices a single centralized instruction, like starting a DDoS attack or downloading additional software.
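The two topologies described above leave different footprints in network flow logs: a client-server botnet shows many internal hosts beaconing to one address, while a P2P botnet shows hosts both initiating and accepting connections from many peers. The following added example (not code from the original article) scores constructed flow records on those two properties; the log format, the sample addresses and the classification thresholds are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample flow logs (not from the article): "src dst dst_port" per line.
CENTRALIZED = """\
10.0.0.11 203.0.113.5 8080
10.0.0.12 203.0.113.5 8080
10.0.0.13 203.0.113.5 8080
10.0.0.14 203.0.113.5 8080
10.0.0.11 198.51.100.9 443
"""
PEER_TO_PEER = """\
10.0.0.11 10.0.0.12 6881
10.0.0.12 10.0.0.11 6881
10.0.0.11 10.0.0.13 6881
10.0.0.13 10.0.0.11 6881
10.0.0.12 10.0.0.14 6881
10.0.0.14 10.0.0.12 6881
10.0.0.13 10.0.0.14 6881
10.0.0.14 10.0.0.13 6881
"""

def parse_flows(text):
    """Turn 'src dst port' lines into (src, dst) edges, skipping malformed lines."""
    edges = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 2:
            edges.append((parts[0], parts[1]))
    return edges

def topology_metrics(edges):
    """hub_share: share of sources talking to the single busiest destination;
    mean_peers: distinct destinations per source; mutual: share of edges whose
    reverse edge also exists (hosts acting as both client and server)."""
    if not edges:
        return {"hub_share": 0.0, "mean_peers": 0.0, "mutual": 0.0}
    fan_in, fan_out = defaultdict(set), defaultdict(set)
    for s, d in edges:
        fan_in[d].add(s)
        fan_out[s].add(d)
    n_sources = len(fan_out)
    edge_set = set(edges)
    return {
        "hub_share": max(len(v) for v in fan_in.values()) / n_sources,
        "mean_peers": sum(len(v) for v in fan_out.values()) / n_sources,
        "mutual": sum(1 for s, d in edge_set if (d, s) in edge_set) / len(edge_set),
    }

def classify(edges):
    """Illustrative thresholds (assumed): tune against real baseline traffic."""
    m = topology_metrics(edges)
    if m["hub_share"] >= 0.8 and m["mutual"] < 0.2:
        return "client-server"   # one address collects beacons from nearly every host
    if m["mutual"] >= 0.5 and m["mean_peers"] >= 2:
        return "peer-to-peer"    # hosts exchange traffic with several peers in both directions
    return "inconclusive"
```

Running `classify(parse_flows(CENTRALIZED))` returns `"client-server"` and `classify(parse_flows(PEER_TO_PEER))` returns `"peer-to-peer"`; a single beaconing host, by contrast, would fall through to `"inconclusive"`.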
These infections can also cause users’ devices to slow down or crash. It’s important to check for unusual programs using high amounts of disk resources, especially if it’s something that you don’t recognize.