What is a Botnet?
A botnet is a network of malware-infected computers, smartphones, routers or other internet-facing devices that are controlled remotely by a cyber attacker. They are then used to launch coordinated attacks, such as distributed denial-of-service (DDoS) or phishing, or to steal information and money.
A cyber attack can be more devastating when it involves a large number of compromised devices. In the Mirai botnet attack, for instance, hackers used malware to infect 600,000 Linux CCTV cameras and then used them to launch a massive DDoS attack on a journalist’s website. Any device with an internet connection that can be infected with malware can become part of a botnet, including smart home appliances, routers and even connected cars. Increasingly, these ‘Internet of Things’ devices are coming online with very little or no security, making them easy targets for botnet attacks.
Botnet malware can reach a device in several ways, from file attachments to links embedded in emails and instant messages. Keeping an eye out for suspicious-looking links and treating every link as potentially harmful can help prevent a botnet infection.
Cyber criminals typically build their botnets using a client/server or peer-to-peer (P2P) model. The client/server model relies on infected devices connecting clandestinely to a criminal command-and-control server to get instructions on how to attack, while the P2P approach has each device act as both a client and a server. The client/server approach is easier to detect and easier for defenders to trace back to its source, so fraudsters have increasingly shifted to the P2P model.
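The sketch below shows one reason the client/server model is easier to detect: many infected devices end up polling the same server on a regular schedule, which stands out in connection logs. It is an added example, not part of the original article; the flow records, addresses, function name and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records: (epoch_seconds, internal_src, external_dst).
# All addresses come from documentation ranges and are illustrative only.
FLOWS = []
for host in ("10.0.0.1", "10.0.0.2", "10.0.0.3"):
    for k in range(6):
        # Three hosts poll one server about every 300 s with slight jitter.
        FLOWS.append((1000 + k * 300 + (k % 2) * 5, host, "203.0.113.10"))
for k in range(5):
    # One host checks a server every 600 s (periodic, but no fan-in).
    FLOWS.append((500 + k * 600, "10.0.0.4", "192.0.2.50"))
for ts in (1000, 1040, 1900, 2000, 4100):
    # Irregular, human-driven traffic.
    FLOWS.append((ts, "10.0.0.4", "198.51.100.7"))


def c2_candidates(flows, min_hosts=3, max_jitter=0.1, min_contacts=4):
    """Return {dst: [hosts]} for destinations that at least min_hosts
    distinct sources each contact at near-constant intervals."""
    times = defaultdict(list)
    for ts, src, dst in flows:
        times[(src, dst)].append(ts)

    beaconing = defaultdict(set)
    for (src, dst), stamps in times.items():
        if len(stamps) < min_contacts:
            continue  # too few contacts to judge periodicity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        # Coefficient of variation: a low value means machine-like timing.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            beaconing[dst].add(src)

    # Keep only destinations with enough periodic callers (fan-in).
    return {dst: sorted(srcs) for dst, srcs in beaconing.items()
            if len(srcs) >= min_hosts}


if __name__ == "__main__":
    print(c2_candidates(FLOWS))
```

A P2P botnet spreads its contacts across many peers, so no single destination builds up this kind of fan-in and a heuristic keyed on one server address loses its signal.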