What is a Botnet?
A botnet is a large network of hijacked Internet-connected devices (including computers, tablets, smartphones, connected TVs, soundbars, and wireless CCTV cameras) that have been infected with malware, allowing attackers to control them remotely without the device owners’ knowledge. The individual compromised devices are called bots or zombies, and a botnet as a whole is sometimes referred to as a zombie army; attackers leverage these networks for a wide range of cyber attacks.
Devices are turned into bots through phishing campaigns, malware, or the exploitation of software and website vulnerabilities. Many of these bots remain dormant until the bot herder (the attacker who controls the botnet) needs more capacity to carry out an attack. Herders use their botnets for anything from stealing personal data to DDoS attacks and other malicious activities.
Attackers need large amounts of computing and network resources to launch mass attacks. Instead of waiting for Black Friday computer sales and maxing out their credit cards to purchase hundreds of machines, they usually rely on botnets, which give them those resources for free at the victims’ expense.
The bots in a botnet report back to their herder over a communications channel designed to escape notice, historically built on a common protocol such as Internet Relay Chat (IRC). This channel is known as command and control (C2). Over it, the bot herder sends instructions to the army of bots, which then carry them out; typical commands include stealing data, sending spam, or attacking websites.
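As an added illustration (not part of the original article), the following Python script shows how a defender might spot command-and-control traffic from the regular "check-in" pattern a bot produces: it reads constructed outbound connection records and flags source/destination pairs that connect at nearly fixed intervals, noting when the destination port is a classic IRC port. The log format, sample addresses and thresholds are assumptions for the example.

```python
import re
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample of outbound connection records (not from any real capture).
# Format assumed for this example: "<epoch_seconds> <src_ip> <dst_ip>:<dst_port>"
# 10.0.0.5 checks in with the same host every ~60 s; 10.0.0.7 browses irregularly.
SAMPLE_FLOWS = """\
1000 10.0.0.5 203.0.113.9:6667
1060 10.0.0.5 203.0.113.9:6667
1121 10.0.0.5 203.0.113.9:6667
1180 10.0.0.5 203.0.113.9:6667
1241 10.0.0.5 203.0.113.9:6667
1005 10.0.0.7 198.51.100.20:443
1390 10.0.0.7 198.51.100.20:443
1402 10.0.0.7 198.51.100.20:443
2900 10.0.0.7 198.51.100.20:443
"""

# Well-known IRC ports (plaintext and TLS); a hit here is only a hint, not proof.
IRC_PORTS = {6667, 6697}

FLOW_RE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+):(\d+)$")


def parse_flows(text):
    """Return a list of (timestamp, src, dst, port); malformed lines are skipped."""
    flows = []
    for line in text.splitlines():
        m = FLOW_RE.match(line.strip())
        if m:
            ts, src, dst, port = m.groups()
            flows.append((int(ts), src, dst, int(port)))
    return flows


def find_beacons(flows, min_connections=4, max_jitter=0.15):
    """Group flows by (src, dst, port) and flag pairs whose gaps between
    connections are nearly constant (std-dev / mean <= max_jitter).
    Returns {(src, dst, port): {"interval": mean_gap_s, "irc_port": bool}}."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in flows:
        by_pair[(src, dst, port)].append(ts)
    beacons = {}
    for pair, stamps in by_pair.items():
        if len(stamps) < min_connections:
            continue  # too few samples to judge periodicity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            beacons[pair] = {"interval": avg, "irc_port": pair[2] in IRC_PORTS}
    return beacons


if __name__ == "__main__":
    for (src, dst, port), info in find_beacons(parse_flows(SAMPLE_FLOWS)).items():
        tag = " (IRC port)" if info["irc_port"] else ""
        print(f"{src} -> {dst}:{port} every ~{info['interval']:.1f}s{tag}")
```

In real traffic, tune `min_connections` and `max_jitter` against a baseline of legitimate periodic clients (NTP, update checkers) and treat a hit as a lead for further investigation rather than a verdict.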
Some botnets are centralized, with every bot reporting to one or a few C2 servers, while others are decentralized or peer-to-peer (P2P), with bots relaying commands among themselves. The centralized approach makes it easier for cybersecurity vendors and law enforcement to identify the herder’s infrastructure and shut it down. A P2P botnet, however, has no single point of control, which makes it far more difficult to locate and take down.