BotNet News

Your source for Online Security News

Cyberattacks regularly make headlines as hackers wreak havoc on users and businesses. These attacks range from phishing to DDoS and even password attacks. A particularly dangerous threat is the botnet, a network of hijacked devices controlled by malware and enslaved to carry out cyberattacks without their legitimate owners’ knowledge.

A botnet is an army of devices – normally computers and smartphones – that have been infected by malware, converting them into “zombie” machines that can be remotely controlled to carry out illegal tasks. Hackers – called bot herders – use the large number of enslaved devices in a botnet to perform distributed denial of service attacks, data theft, spam email creation and propagation, and online fraud.

When a device is infected by bot malware, it can communicate with the herder via an Internet Relay Chat (IRC) channel and a specialized software client. The herder then issues instructions for the bots to execute an attack. The instructions can vary depending on the bot herder’s goals. Typically, the herder gathers keystrokes to steal account credentials or uses form grabbing to collect personal information from web forms.

Traditionally, botnets were set up using the client-server model, in which the herder connected to a single server and infected devices contacted that same server to receive and send commands. However, as security vendors and law enforcement tracked and shut down the centralized servers, bot herders started to move towards decentralized command-and-control (C&C) models such as P2P.
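The centralized IRC model described above leaves a recognizable pattern on a defender's network: several internal hosts joining the same channel on the same external server. The following is an added detection sketch, not code from this site; the record layout, the addresses, the port list and the `min_hosts` threshold are all assumptions, it expects plaintext payloads captured by a network sensor, and it does not cover P2P C&C.

```python
import re
from collections import defaultdict

# Constructed sample records: (internal host, server IP, server port, payload).
# Addresses come from documentation ranges; none of this is real traffic.
SAMPLE_FLOWS = [
    ("10.0.0.11", "203.0.113.10", 8080, "NICK a1\r\nUSER a1 0 * :a1\r\nJOIN #Ops\r\n"),
    ("10.0.0.12", "203.0.113.10", 8080, "NICK b2\r\nUSER b2 0 * :b2\r\nJOIN #ops\r\n"),
    ("10.0.0.13", "203.0.113.10", 8080, "NICK c3\r\nUSER c3 0 * :c3\r\nJOIN #ops\r\n"),
    ("10.0.0.20", "198.51.100.7", 6667, "NICK alice\r\nUSER alice 0 * :A\r\nJOIN #linux\r\n"),
    ("10.0.0.11", "192.0.2.80", 80, "GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
]

# Lines that mark a payload as an IRC client registration or channel join.
IRC_LINE = re.compile(r"^(?:NICK|USER|JOIN)\s+\S", re.M)
JOIN_LINE = re.compile(r"^JOIN\s+([#&][^\s,]+)", re.M)
COMMON_IRC_PORTS = {6667, 6697}  # assumption: ports treated as ordinary IRC


def find_irc_rendezvous(flows, min_hosts=3):
    """Report channels joined by at least min_hosts distinct internal hosts."""
    members = defaultdict(set)
    for src, dst, port, payload in flows:
        if not IRC_LINE.search(payload):
            continue  # payload does not look like IRC
        for channel in JOIN_LINE.findall(payload):
            # IRC channel names are case-insensitive, so normalize them.
            members[(dst, port, channel.lower())].add(src)

    findings = []
    for dst, port, channel in sorted(members):
        hosts = members[(dst, port, channel)]
        if len(hosts) >= min_hosts:
            findings.append({
                "server": dst,
                "port": port,
                "channel": channel,
                "hosts": sorted(hosts),
                "nonstandard_port": port not in COMMON_IRC_PORTS,
            })
    return findings


if __name__ == "__main__":
    for finding in find_irc_rendezvous(SAMPLE_FLOWS):
        print(finding)
```

A single user on a public IRC network, like the 10.0.0.20 record, stays below the threshold, so tune `min_hosts` to the size of the monitored network.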