BotNet News

A botnet is a network of computers infected with malware, and controlled by attackers or cybercriminals. The hackers use the bots to carry out Distributed Denial-of-Service attacks, phishing campaigns and steal sensitive information.

Once compromised, each device in a botnet clandestinely connects to criminal servers – called Command and Control Servers – via one of two communication protocols: IRC or HTTP. These servers then transmit instructions to the bots. Bot herders recruit new devices into a botnet by using a variety of methods, including finding devices with vulnerable endpoints. These devices are usually internet-capable and lack the security features of conventional IT equipment – making them ideal targets for malicious actors. In fact, even traditional IT devices such as desktop and laptop computers can be recruited into a botnet, as well as more common items such as IoT sensors, cameras and routers.

Using botnets to evade detection and disrupt services is a common practice among criminals, but it’s possible to protect against the threat of infection. It’s a good idea to apply best practices for cybersecurity, including practicing hard-to-crack passwords and updating software.

You can also check for signs of potential compromise by monitoring system usage and looking for programs requiring a high amount of disk resources. If you see these, search the program name in Google to see if there’s an explanation. If you suspect your computer has been recruited into a botnet, the immediate course of action should be to cut off communication by cutting your internet connection (or switching over to wifi). In some cases, strategies for regaining control over a device include running a factory reset, reinstalling software from a safe backup or reformatting the device.