What is a Botnet?
A botnet is a collection of internet-connected devices, such as computers, servers, mobile devices and even internet of things (IoT) hardware, whose owners are unaware that their devices have been hijacked by malware used to carry out a variety of nefarious activities including click fraud, spamming and distributed denial-of-service (DDoS) attacks. These devices are controlled remotely by cybercriminals and remain dormant until commanded to attack.
To create a botnet, hackers exploit vulnerabilities in software or systems to gain access to a device and then install malware. Once infected, the device becomes a “zombie” that is controlled remotely by a malicious hacker known as a bot herder.
Depending on how the bot herder sets up his or her network, it can be centralized or peer-to-peer (P2P). A centralized network works by communicating with infected devices using a command and control server. However, attackers have increasingly turned to P2P botnets, as they can be more resilient and difficult to shut down because each bot acts as a client as well as a server by communicating directly with other bots in the network.
The proliferation of cheap, internet-capable hardware makes it an attractive target for malicious actors who use botnets to accomplish their objectives. To reduce your risk of infection, make sure to keep your operating system and web browser updated and avoid purchasing cheap or unreliable hardware that doesn’t receive long term software support. Rebooting your router on a regular basis can also help to ensure it hasn’t been compromised by malware.