BotNet News

Your source for Online Security News

A botnet is a network of infected and enslaved devices that cyber criminals use to perform a variety of illegal tasks. These include data theft, spam email generation and distributed denial of service (DDoS) attacks.

Malicious botnets start with malware infections on victims’ machines or devices (zombies), delivered through tactics like phishing emails, software and website vulnerabilities and trojan horses. In the second stage, a hacker known as a bot herder establishes a covert channel between the infected device and a command and control server.

The herder’s commands are then executed through the server, which in turn controls the botnet’s clients. There are two basic botnet models: client/server and peer-to-peer (P2P). Client/server models have one central control point that is relatively easy for defenders to locate and disrupt.

P2P botnets, on the other hand, are topologically interconnected and use a decentralized approach to control their client computers. Each bot, or zombie machine, carefully probes random IP addresses until it connects with another infected computer and shares information.
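The peer-discovery behaviour described above leaves a recognisable trace in network flow logs: one internal host attempting connections to many distinct addresses, most of which fail. The following is an added example, not part of the original article, showing a simple detection heuristic over constructed flow records; the record layout, the thresholds and the function name `find_probing_hosts` are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample flow records (not real traffic):
# (source host, destination IP, destination port, connection succeeded)
FLOWS = (
    # One host trying ten different addresses on one port; only one answers.
    [("10.0.0.23", f"198.51.100.{i}", 40000, i == 7) for i in range(1, 11)]
    # A busy but healthy client: many destinations, all connections succeed.
    + [("10.0.0.7", f"203.0.113.{i}", 443, True) for i in range(1, 10)]
    # An ordinary client with a couple of destinations and one transient failure.
    + [
        ("10.0.0.5", "192.0.2.10", 443, True),
        ("10.0.0.5", "192.0.2.11", 53, True),
        ("10.0.0.5", "192.0.2.10", 443, False),
    ]
)


def find_probing_hosts(flows, min_destinations=8, min_failure_ratio=0.7):
    """Return {source: (distinct destinations, failure ratio)} for hosts whose
    traffic resembles P2P peer discovery: wide fan-out, mostly failed attempts.
    Thresholds are illustrative assumptions and need tuning per network."""
    destinations = defaultdict(set)
    attempts = defaultdict(int)
    failures = defaultdict(int)

    for src, dst, _port, succeeded in flows:
        destinations[src].add(dst)
        attempts[src] += 1
        if not succeeded:
            failures[src] += 1

    flagged = {}
    for src, dsts in destinations.items():
        ratio = failures[src] / attempts[src]
        # Both conditions are required: fan-out alone flags busy clients,
        # and failures alone flag hosts with one broken dependency.
        if len(dsts) >= min_destinations and ratio >= min_failure_ratio:
            flagged[src] = (len(dsts), round(ratio, 2))
    return flagged


if __name__ == "__main__":
    for host, (fanout, ratio) in find_probing_hosts(FLOWS).items():
        print(f"{host}: {fanout} distinct destinations, {ratio:.0%} failed")
```

Legitimate scanners and some peer-to-peer applications produce the same pattern, so a hit is a lead for investigation rather than proof of infection.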

While desktop and laptop computers have long been popular candidates for botnet construction, modern technology allows hackers to infect almost any Internet-connected device. This includes mobile phones, DVRs, smartwatches and even household appliances with integrated Wi-Fi. Unless they’re secured with strong passwords and updated with the latest security patches, these devices can be easily recruited to join a botnet. Recruited devices can then be used to attack other machines and generate malicious traffic, which is often sold or rented as part of DDoS and spam attacks for a significant profit.