BotNet News

Your source for Online Security News

Botnet

A massive network of compromised systems that are controlled by a single attacker and used to carry out a variety of illicit activities including data theft, e-commerce fraud, identity theft, server failure, malware propagation, spam email generation and distributed denial of service (DDoS) attacks. Threat actors gain access to systems in the botnet through phishing, scams, password hacking, fake software update websites and trojan horse viruses.

The attacker is known as a “bot herder” and the infected devices are referred to as a bots. A bot herder can remotely control the bots from a central location using a command and control (C&C) center.

A C&C can be established on a number of different ways including Internet Relay Chat (IRC) networks, web servers and domains, peer-to-peer file sharing or through the use of proxies or the Onion Router. Older centralized methods of C&C involve sending instructions from a central server to each bot on a large scale, while more recent bot herders are opting for decentralized models that allow them to communicate with their bots through the use of multiple zombie computers that are spread across a wide range of networks and geographic locations.

Any device that can be connected to the Internet and is capable of running a program is at risk of becoming part of a botnet. This includes PCs, mobile devices such as smartphones and tablets, smart TVs, security cameras, audio equipment, routers and even internet infrastructure hardware such as power grid controllers. With more and more devices on the market that gain network functionality and are susceptible to malware infection, the scope of attack increases.