BotNet News

A botnet is a network of hijacked Internet-connected devices that have had malware installed on them to enable attackers to remotely control the device (or enslave it, as the case may be). Botnets are the underlying infrastructure for many different types of cyberattacks and are used for everything from stealing data to launching Distributed Denial of Service attacks.

Hackers gain control of these devices, also called zombie computers, by tricking their users into installing malicious software. The malware allows hackers, known as bot-herders, to control the devices as part of a large network for illicit activities like spamming and generating traffic for Distributed Denial of Service attacks.

There are two main kinds of botnets: centralized and decentralized. The first generation of botnets were centralized and used one command-and-control server, or C&C, to operate the entire network. Today, most botnets are decentralized and use peer-to-peer communication to spread instructions across the network.

Bot herders typically spread the malware through techniques like phishing emails, software and website vulnerabilities, and trojan horses, and try to infect as many devices as possible by exploiting these weaknesses. A good example of this is the Mirai botnet, which took over IoT devices running Linux and used them to flood servers with traffic, causing widespread outages.

Most of the time, a person’s computer or IoT device gets caught up in a botnet without their knowledge. Once a device is enslaved by malware, it will start performing its illicit tasks, which can include stealing personal information to commit online scams, generating traffic for DDoS attacks, crypto mining and more. This is why having strong ingress and egress filtering practices is so important for your organization.
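
The egress-filtering point above, as an added example that is not part of the original page: a default-deny outbound policy evaluated over flow records, with the denied traffic grouped by shape (several internal hosts reaching one endpoint, as a centralized C&C would produce, versus one host reaching many destinations). The networks, ports, flow records and the fan-out threshold are all constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# All values below are constructed for illustration (documentation IP ranges).
INTERNAL = ip_network("10.0.0.0/8")
ALLOWED = [  # default-deny egress policy: (destination network, TCP port)
    (ip_network("198.51.100.0/24"), 443),  # assumed vendor update service
    (ip_network("203.0.113.53/32"), 53),   # assumed DNS resolver
]
FLOWS = [  # constructed flow records: (source, destination, destination port)
    ("10.0.1.10", "198.51.100.7", 443),
    ("10.0.1.10", "203.0.113.53", 53),
    ("10.0.1.10", "10.0.2.5", 445),      # internal-to-internal, not egress
    ("10.0.1.20", "192.0.2.50", 6667),
    ("10.0.1.21", "192.0.2.50", 6667),
    ("10.0.1.30", "192.0.2.101", 23),
    ("10.0.1.30", "192.0.2.102", 23),
    ("10.0.1.30", "192.0.2.103", 23),
    ("10.0.1.40", "192.0.2.200", 8080),
]

def egress_violations(flows):
    """Map each internal source to the outbound (dst, port) pairs the policy denies."""
    denied = defaultdict(set)
    for src, dst, port in flows:
        s, d = ip_address(src), ip_address(dst)
        if s not in INTERNAL or d in INTERNAL:
            continue  # only traffic leaving the internal network is egress
        if not any(d in net and port == p for net, p in ALLOWED):
            denied[src].add((dst, port))
    return dict(denied)

def classify(denied, fanout=3):
    """Label each offending host by the shape of its denied traffic."""
    sources_per_dst = defaultdict(set)
    for src, pairs in denied.items():
        for dst, _ in pairs:
            sources_per_dst[dst].add(src)
    labels = {}
    for src, pairs in denied.items():
        dsts = {dst for dst, _ in pairs}
        if len(dsts) >= fanout:
            labels[src] = "fan-out"  # one host, many destinations
        elif any(len(sources_per_dst[d]) > 1 for d in dsts):
            labels[src] = "shared-destination"  # several hosts, one endpoint
        else:
            labels[src] = "single-violation"
    return labels
```

Calling `classify(egress_violations(FLOWS))` returns one label per offending host, which gives a triage order for devices whose outbound traffic the policy would have blocked.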