Protecting Against Botnet Malware
If your computer seems to be using more resources than usual, it could be a sign that you are infected with botnet malware. Fortunately, protecting against this threat requires ongoing efforts similar to those needed for protection against other types of malware.
A botnet is a group of connected devices, such as computers or Internet of Things (IoT) systems, that have been infected with malicious software that allows attackers to control the devices remotely. Attackers use a variety of methods to infect devices, including file sharing, email, and social media application protocols.
Bots are infected devices that communicate with a central command and control server, or C&C. The bots are programmed to perform a variety of tasks, such as downloading files, spamming, stealing sensitive information, spying, click fraud, and other cybercriminal activities. The bots are also used to launch distributed denial-of-service attacks, which can take down websites and even entire networks.
Bots are controlled by the bot herder, who may be a hacker or someone with access to the infected system. The herder may choose to create a centralized model where the server provides instruction to the bots in a hierarchy, or a peer-to-peer (P2P) model where each device acts as both client and server and shares instructions with adjacent devices. P2P bots are more difficult to detect than centralized models and can be used for many different purposes. The herder’s motivation for creating a botnet parallels most other cybercriminal activity—to make money, to steal something valuable, or to cause disruption.