What is a Botnet?
A botnet is a massive network of devices that has been infected with malware and is controlled remotely by an attacker. Attackers use the bots to perform various attacks like Distributed Denial of Service (DDoS), steal data, or simply act as spammers. Bots can be created using any internet-connected device such as computers, routers, gaming consoles, mobile devices, and even cars. The attackers can control the bots from a central server or through a peer-to-peer network approach.
Usually, hackers create bots by corrupting the devices with malware that will allow them to communicate with an external program or website. The bot software on the infected devices then contacts a server or website to both receive instructions and transmit data back to the attacker. This centralized command model was used in early botnets but was eventually shut down by global law enforcement and security agencies. Now, most attacks use the peer-to-peer network approach that requires bots to be able to communicate with each other.
Once hackers control a device they can use it to perform automated attacks that can be extremely difficult to stop. For example, DDoS attacks are often powered by large networks of infected devices ranging from personal home routers to entire ISPs. Other common attacks include credential stuffing which uses breached user credentials to gain unauthorized access to websites, and form grabbing which harvests information from insecure sites for use in other crimes such as identity theft.