BotNet News

A botnet is a network of Internet-connected computers (PCs, laptops, servers, mobile devices and Internet of Things (IoT) gadgets) infected with malware and under the control of cybercriminals. Threat actors use this vast army of hacked machines for specific functions that remain hidden from the device owners, such as stealing money or data; performing click fraud on online ads; and generating traffic to target and disrupt websites and servers in distributed denial-of-service attacks (DDoS).

The threat of botnets is widespread because hackers can infect virtually any Internet-connected machine: computers, smartphones, smart televisions, IoT gadgets and more. Infection often happens when users click on links in suspicious emails, download third-party software from unknown sources or run applications that are not approved by the device manufacturer.

Once a computer or IoT device is infected, the malware connects to a server that communicates automated commands to the bots in the network. Traditional botnets rely on a client-server model, with the C&C server sending preconfigured commands to infected devices via communication protocols like Internet Relay Chat (IRC) or other management channels. As these centralized models have been increasingly targeted by security products and services and taken down, hackers have evolved their botnet structures to use P2P and other methods of communicating between infected devices.

These new methods of botnet communications can be difficult to spot and shut down. That’s why it’s important to stay vigilant by keeping operating systems and other applications updated, using antivirus software, and following strategies for removing malware from PCs or IoT devices, such as reformatting the machine, running a factory reset or reinstalling the original firmware.