Protecting Against Botnet Attacks
A botnet is a network of Internet-connected devices — such as computers, smart TVs and digital video recorders — that are infected with malware and then remotely controlled by attackers. The attackers, also known as bot herders, use the network to perform attacks or steal data, such as credentials for unauthorized access to systems and services. Attacks may include DDoS (distributed denial of service) assaults, data theft and spam email distribution.
Attackers often infect devices with bot malware through methods such as web downloads, exploit kits and pop-up ads. Once a device is infected, it can receive instructions from the bot herder through established network protocols such as Internet Relay Chat (IRC), Telnet and ordinary HTTP.
As botnets become more sophisticated and communication methods more complex, bot herders have adapted to make it harder for law enforcement and security vendors to track and disrupt the centralized command-and-control (C&C) servers that control their bots. Instead of relying on such servers, some botnets have their bots communicate with each other via P2P networks that obfuscate the traffic.
In addition to DDoS attacks and spam, botnets can be used for other malicious purposes, such as ad fraud or stealing credentials from users who unwittingly share the information through social media platforms or online forums. Protecting against these threats requires a sustained effort, similar to protecting against other types of malware. Detecting bot activity can be difficult, but it is important to monitor system usage and performance to look for abnormal behavior that could indicate bot infection.
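The same monitoring idea can be applied to network records. The following is an added example, not part of the original article: it scans constructed flow records for outbound connections over IRC or Telnet (two of the protocols named above) and for HTTP connections repeated at near-constant intervals. The log format, the port numbers chosen and the two thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Conventional ports for two protocols the article names as C&C channels.
SUSPECT_PORTS = {6667: "IRC", 23: "Telnet"}
HTTP_PORTS = {80, 8080}
MIN_EVENTS = 5     # assumption: fewer connections are too few to judge timing
MAX_JITTER = 0.10  # assumption: gap stddev/mean at or below 10% looks automated

# Constructed sample flow records: epoch_seconds src_ip dst_ip dst_port
SAMPLE_LOG = """\
1000 10.0.0.5 203.0.113.9 80
1010 10.0.0.7 198.51.100.20 80
1025 10.0.0.7 198.51.100.20 80
1300 10.0.0.5 203.0.113.9 80
1400 10.0.0.7 198.51.100.20 80
1500 10.0.0.8 192.0.2.44 6667
1601 10.0.0.5 203.0.113.9 80
1700 10.0.0.8 192.0.2.44 6667
1899 10.0.0.5 203.0.113.9 80
2000 10.0.0.9 192.0.2.50 23
2200 10.0.0.5 203.0.113.9 80
2900 10.0.0.7 198.51.100.20 80
2950 10.0.0.7 198.51.100.20 80
"""

def parse(log):
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:  # skip blank lines and lines without four fields
            yield int(parts[0]), parts[1], parts[2], int(parts[3])

def find_suspects(log):
    """Return (src, dst, reason) tuples for connections worth a closer look."""
    findings, seen, http_times = [], set(), defaultdict(list)
    for ts, src, dst, port in parse(log):
        if port in SUSPECT_PORTS and (src, dst, port) not in seen:
            seen.add((src, dst, port))  # report each source/destination once
            findings.append((src, dst, "outbound " + SUSPECT_PORTS[port]))
        elif port in HTTP_PORTS:
            http_times[(src, dst)].append(ts)
    for (src, dst), times in http_times.items():
        if len(times) >= MIN_EVENTS:
            times.sort()
            gaps = [b - a for a, b in zip(times, times[1:])]
            avg = mean(gaps)
            # Near-constant spacing suggests a program, not a person, is connecting.
            if avg > 0 and pstdev(gaps) / avg <= MAX_JITTER:
                findings.append((src, dst, f"regular HTTP check-in every ~{avg:.0f}s"))
    return findings
```

A hit from either rule is a reason to examine the host, not proof of infection: legitimate software updaters and administrators' Telnet sessions produce the same patterns.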