How a Botnet Is Used to Launch DDoS Attacks
Cyberattacks regularly make headlines, and any internet-connected device can become a victim of an attack. Many of these attacks are automated and rely on massive networks of infected devices to execute various illicit actions, such as data theft, server takeovers, spam email generation and distributed denial-of-service (DDoS) attacks. These attacks are executed through malware, known as a bot, that is downloaded onto a computer or device. Once the bot has been installed, it can communicate with a remote website or server to receive instructions. That server is referred to as the bot’s command and control (C&C) server. The hacker or attacker, referred to as the bot herder, controls the botnet remotely. The bot programs are designed to acquire updates, carry out instructions and transmit any stolen data back to the C&C server.
Once the bot program is installed, the infected device, also referred to as a zombie computer or a bot, will constantly monitor for instructions from the bot herder. It does so over communication channels based on network protocols such as IRC and HTTP, or over peer-to-peer (P2P) technologies like BitTorrent and Tor. The malware will automatically download any new instructions from the C&C server and follow them. This allows the bot herder to control large-scale botnets that can perform malicious activities such as launching DDoS attacks, spreading malware, harvesting credentials, or executing CPU-intensive tasks.
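As an added example (not part of the original article), the code below shows how a defender can spot the regular check-ins described above in outbound connection records: it flags source/destination pairs whose gaps between connections are nearly constant. The record format, host names and thresholds (`min_events`, `max_cv`) are assumptions made for illustration, and the sample records are constructed.

```python
import statistics
from collections import defaultdict

# Constructed sample records (not real traffic): "epoch_seconds src dst:port"
SAMPLE_LOG = """\
1000 ws-01 cc.example.invalid:80
1003 ws-03 irc.example.invalid:6667
1005 ws-02 news.example.org:443
1012 ws-02 news.example.org:443
1061 ws-01 cc.example.invalid:80
1090 ws-02 news.example.org:443
1119 ws-01 cc.example.invalid:80
1180 ws-01 cc.example.invalid:80
1240 ws-01 cc.example.invalid:80
1303 ws-03 irc.example.invalid:6667
1400 ws-02 news.example.org:443
1500 ws-02 cdn.example.com:443
1603 ws-03 irc.example.invalid:6667
1903 ws-03 irc.example.invalid:6667
1950 ws-02 news.example.org:443
2203 ws-03 irc.example.invalid:6667
malformed line
"""

def group_by_pair(log_text):
    """Return {(src, dst): sorted timestamps}, skipping malformed lines."""
    pairs = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 3 and fields[0].isdigit():
            pairs[(fields[1], fields[2])].append(int(fields[0]))
    return {pair: sorted(ts) for pair, ts in pairs.items()}

def find_beacons(log_text, min_events=5, max_cv=0.1):
    """Flag pairs whose gaps have a low coefficient of variation (stdev/mean)."""
    findings = []
    for (src, dst), ts in group_by_pair(log_text).items():
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        if len(ts) < min_events or sum(gaps) == 0:
            continue  # too few samples, or every event shares one timestamp
        cv = statistics.pstdev(gaps) / statistics.fmean(gaps)
        if cv <= max_cv:  # bursty human traffic has a high cv, polling a low one
            findings.append((src, dst, round(statistics.fmean(gaps), 1), round(cv, 3)))
    return sorted(findings)

if __name__ == "__main__":
    for src, dst, period, cv in find_beacons(SAMPLE_LOG):
        print(f"{src} -> {dst}: every ~{period}s (cv={cv})")
```

Bots that add random jitter to their polling interval raise the coefficient of variation, so `max_cv` has to be tuned against the false positives produced by legitimate periodic traffic such as update checks.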
The popularity of bots has attracted a number of greedy hackers who build botnets to steal data, send out spam and engage in DDoS attacks. These hackers are able to rent or sell access to their botnets to other cybercriminals for substantial financial gain.