BotNet News

Your source for Online Security News

A botnet is a network of devices, such as PCs, mobile phones and Internet of Things (IoT) gadgets, infected by malware. Once hijacked, these devices are controlled remotely by cybercriminals and used to carry out automated tasks that remain largely hidden from the device users. These tasks may include sending spam emails, carrying out click fraud campaigns and generating malicious traffic to launch distributed denial-of-service (DDoS) attacks.

The first step in building a botnet is infecting the victim’s device with malicious software. Typically, this happens when the victim clicks a link in an email, text message or social media post that leads to a malicious website or download. More sophisticated hackers may also use exploit kits, drive-by downloads or DNS cache poisoning.

Infection usually establishes a connection back to a command-and-control (C&C) server. Using communication protocols, such as Internet Relay Chat (IRC), the hacker can then send automated commands to the infected device. In centralized botnets, the infected device is often programmed to remain dormant until instructed to engage in a cyberattack.
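As an added example (not from the original page), the centralized pattern described above can be hunted for in network flow logs: several internal hosts holding small, mostly idle connections to the same external IRC server. The flow-record format, the default IRC ports, the thresholds and the sample data are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample flow records (not real traffic): "epoch src_ip dst_ip dst_port bytes"
SAMPLE_FLOWS = """\
1700000000 10.0.0.11 203.0.113.50 6667 180
1700000030 10.0.0.12 203.0.113.50 6667 210
1700000060 10.0.0.13 203.0.113.50 6667 190
1700000300 10.0.0.11 203.0.113.50 6667 175
1700000100 10.0.0.20 198.51.100.7 6697 48000
1700000120 10.0.0.12 192.0.2.10 443 152000
this line is malformed and must be skipped
"""

# Assumption: the C&C channel uses the conventional IRC ports (plain and TLS).
IRC_PORTS = {6667, 6697}

def parse_flows(text):
    """Yield (ts, src, dst, port, bytes) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, src, dst, port, nbytes = parts
        try:
            yield int(ts), src, dst, int(port), int(nbytes)
        except ValueError:
            continue

def find_c2_candidates(text, min_hosts=3, max_avg_bytes=500):
    """Return {(dst, port): [internal hosts]} for IRC servers that several
    internal hosts talk to with small (dormant, keepalive-sized) flows."""
    hosts = defaultdict(set)
    sizes = defaultdict(list)
    for _, src, dst, port, nbytes in parse_flows(text):
        if port in IRC_PORTS:
            hosts[(dst, port)].add(src)
            sizes[(dst, port)].append(nbytes)
    candidates = {}
    for key, srcs in hosts.items():
        avg = sum(sizes[key]) / len(sizes[key])
        if len(srcs) >= min_hosts and avg <= max_avg_bytes:
            candidates[key] = sorted(srcs)
    return candidates

if __name__ == "__main__":
    for (dst, port), srcs in find_c2_candidates(SAMPLE_FLOWS).items():
        print(f"possible C&C server {dst}:{port} contacted by {', '.join(srcs)}")
```

A single workstation with a high-volume IRC session, like 10.0.0.20 in the sample, is not flagged; only the fan-in of several quiet hosts to one server is.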

More advanced botnets are built using a decentralized model that spreads instruction responsibilities across all zombie computers or devices, rather than sending instructions from one central server. This helps obscure the identity of the bot herder and makes the botnet more difficult to take down.