BotNet News

Your source for Online Security News

Botnet

A botnet is a network of computers or Internet of Things (IoT) devices that have been infected with malware and remotely controlled by attackers. Hackers often use botnets to send spam, launch Distributed Denial of Service (DDoS) attacks and steal data. They can also be rented out to other cybercriminals.

To infect a device with bot malware, bad actors first exploit vulnerabilities in the device’s operating system or web browser. Once infected, the device will connect back to a bot herder via a communications protocol such as Internet Relay Chat (IRC) or HTTP. The bot herder will then receive automated commands from the C&C server, and the device will carry out those instructions.

In recent years, botnets have been created from IoT devices such as printers, routers and home automation systems that are connected to the Internet. For example, the Mirai botnet used Linux IoT devices such as cameras and routers to flood targets with traffic to cause DDoS attacks. This botnet has been blamed for a number of Internet outages including Krebs on Security, the French web host OVH and DNS provider Dyn.

To make botnets easier to control, attackers have evolved the technology. Instead of communicating with a central C&C server, many bots now communicate through existing peer-to-peer (P2P) networks that are already used for other online activities. This obfuscates the connection and makes it harder to identify the person or people in control. In addition, centralized bot programs may now be constructed using “smart contracts” that allow them to self-destruct when they are detected by security software.