BotNet News

Your source for Online Security News

A botnet is a massive network of Internet-connected devices infected with malware and remotely controlled by a hacker or cybercriminal. Botnets can be used to carry out a variety of illegal actions, including data theft, unauthorized device access, generating fraudulent traffic for distributed denial-of-service (DDoS) attacks, spam email generation, and more. The attacker controls the bots through a covert channel, using either a command and control (C&C) server or a peer-to-peer (P2P) network.

Candidates for becoming a zombie device include traditional computers running operating systems such as Windows, Mac, and Linux, as well as mobile devices, routers, Internet of Things (IoT) hardware, and even critical infrastructure equipment. Hackers build a botnet by spreading malware through methods such as web downloads, exploit kits, and popup ads, infecting devices so that they can be controlled remotely. The infected device then connects to the C&C server or P2P network through a communications protocol such as Internet Relay Chat (IRC) and waits for commands from a bot herder.
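From the defender's side, the IRC check-in described above is visible on the wire: several internal devices register with the same server and sit in the same channel. The following is an added example, not part of the original article, that groups captured client-to-server payloads by server and channel; the session records, addresses (documentation ranges), nicknames, and function names are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: (internal host, remote server, remote port, client payload)
SAMPLE_SESSIONS = [
    ("10.0.0.21", "203.0.113.7", 6667, "NICK x8f2a\r\nUSER x8f2a 0 * :x\r\nJOIN #cmd\r\n"),
    ("10.0.0.34", "203.0.113.7", 6667, "NICK k19dd\r\nUSER k19dd 0 * :x\r\nJOIN #cmd\r\n"),
    # Same server on a non-IRC port: matching on payload, not port, still catches it.
    ("10.0.0.50", "203.0.113.7", 8080, "NICK q77b1\r\nUSER q77b1 0 * :x\r\nJOIN #cmd\r\n"),
    ("10.0.0.12", "198.51.100.9", 443, "\x16\x03\x01\x02\x00\x01"),  # TLS bytes, not IRC
    ("10.0.0.77", "192.0.2.44", 6697, "NICK alice\r\nUSER alice 0 * :Alice\r\nJOIN #linux\r\n"),
]

# IRC client registration and channel join commands (RFC 1459 / RFC 2812).
IRC_LINE = re.compile(r"^(NICK|USER|JOIN)\s+(\S+)", re.MULTILINE)


def parse_irc_session(payload):
    """Return (nick, channels) if the payload holds an IRC registration, else None."""
    nick, has_user, channels = None, False, []
    for cmd, arg in IRC_LINE.findall(payload):
        if cmd == "NICK":
            nick = arg
        elif cmd == "USER":
            has_user = True
        else:  # JOIN may carry a comma-separated channel list
            channels.extend(arg.split(","))
    return (nick, channels) if nick and has_user else None


def find_herds(sessions, min_hosts=2):
    """Map (server, channel) to the internal hosts seen joining it.

    Only groups with at least min_hosts distinct hosts are returned; a single
    workstation in a public channel is ordinary IRC use, while many unrelated
    devices in one channel on one server deserves investigation.
    """
    members = defaultdict(set)
    for host, server, _port, payload in sessions:
        parsed = parse_irc_session(payload)
        if parsed:
            for channel in parsed[1]:
                members[(server, channel)].add(host)
    return {key: sorted(hosts) for key, hosts in members.items() if len(hosts) >= min_hosts}


if __name__ == "__main__":
    for (server, channel), hosts in find_herds(SAMPLE_SESSIONS).items():
        print(f"{server} {channel}: {', '.join(hosts)}")
```

This only works on cleartext IRC; sessions wrapped in TLS need flow-level signals such as many hosts holding long-lived connections to one rare destination.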

While some hackers create botnets for their own benefit – such as to steal credentials for online banking and e-commerce accounts or to conduct financial fraud – others sell access to large networks of zombie devices to other cybercriminals, on a rental or outright sale basis, to be used in large-scale attacks. Other criminals use botnets to bolster their reputation as hackers and gain the respect of others by showing off their hacking prowess in attack-for-hire forums or elsewhere online.