BotNet News

A Botnet is a network of hijacked internet-connected devices infected with malware that allows a hacker/cybercriminal to remotely control them. The enslaved devices are known as Bots, and the hacker/cybercriminal is called the Bot herder. Bots can be used to launch automated attacks, such as Distributed Denial of Service (DDoS) attacks, crypto mining and password guessing attacks.

Once a device is infected, the Bot malware will connect to a server controlled by the Bot herder and listen for instructions. These commands may come from many sources, such as data posted to websites, social media channels and responses to DNS queries. Once a command is received, the bot will execute the attack or task assigned to it by the bot herder. Some older botnets were centralized and communicated with the bot herder using a client-server model, but this has become less common as global law enforcement agencies have seized and shut down these servers. Newer botnets use peer-to-peer (P2P) models and communicate with each other instead of communicating with a central server.

Cybercriminals build Botnets for a variety of reasons, including stealing money or personal information, launching DDoS attacks and click fraud, and committing other illegal activities. One of the most notorious examples is the Mirai botnet, which abused IoT devices to take many websites and services offline.

If you think your computer is being recruited into a botnet, the first step is to check the disk usage of your computer for unusually high amounts of bandwidth. In the Windows Task Manager, click the Disk tab and sort programs by disk usage to view a list of programs that are consuming resources at an unusual rate. If a program is using more than about 3MB/s, it is likely a botnet malware infection.