What is a Botnet?
A botnet is a network of computers and internet-connected devices (known as bots) that have been infected with malware by cybercriminals. Once compromised, hackers, known as bot herders, can control the bots remotely without the device owners’ knowledge or consent to perform a variety of malicious activities.
Common uses of a botnet include click fraud and delivering ransomware. Other attacks include cryptocurrency mining, spamming, and DDoS. You may notice that your computer or device becomes sluggish or takes longer than usual to open applications, or you may see unusual spikes in data usage. These symptoms occur because the malware is using your device’s processing power, bandwidth, and battery to perform tasks on the bot herder’s behalf.
Understanding botnets and the ways they attack can help you identify suspicious activity and mitigate threats. Botnets can take different forms based on how they are built and controlled.
Client/Server Model: bots report to a central server, called a command and control (C2) server, that issues instructions to every infected machine. Pros for attackers: it is simple to build and operate, and commands reach all bots quickly. Cons: the C2 server is a single point of failure, so if it is taken down or sinkholed, the entire botnet can collapse.
Decentralized Model: bots use peer-to-peer (P2P) networking to connect directly to each other rather than to a central server. Each device acts as both a client and a server, relaying commands to its peers, so there is no single node whose removal disables the network. This makes the botnet harder to locate and take down.
Typically, bad actors infect systems by exploiting vulnerabilities in websites, software, and user behavior. Often this means using breached credentials or password dictionaries to automatically guess the passwords of online accounts and internet-exposed services. IoT devices are particularly vulnerable to this type of attack because many discount manufacturers hardcode default credentials into firmware that cannot be upgraded or reflashed, so the owner has no way to change the password or patch the device.
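The automated password guessing described above leaves a recognisable trace in authentication logs: one source address producing a burst of failed logins, either against a single account (dictionary attack) or across many accounts (credential stuffing or default-credential lists), sometimes followed by a success. The following is an added example, not code from the original article, showing how a defender might flag that pattern. It parses a constructed, sshd-style log excerpt (the sample lines, host name and addresses are invented for illustration), counts failures per source within a sliding window, classifies the burst, and notes whether a successful login followed it. The thresholds are assumptions to tune for your own environment.

```python
"""Flag automated password guessing in sshd-style auth logs.

Added illustration, not part of the original article. The log format is a
constructed approximation of OpenSSH "Failed/Accepted password" lines, and
the thresholds below are assumptions, not recommended values.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real traffic). 203.0.113.5 hammers several
# common IoT/default accounts and then gets in; 198.51.100.7 is a user typo.
SAMPLE_LOG = """\
Mar  3 10:00:01 gw sshd[1201]: Failed password for root from 203.0.113.5 port 51122 ssh2
Mar  3 10:00:02 gw sshd[1203]: Failed password for admin from 203.0.113.5 port 51124 ssh2
Mar  3 10:00:02 gw sshd[1205]: Failed password for invalid user pi from 203.0.113.5 port 51126 ssh2
Mar  3 10:00:03 gw sshd[1207]: Failed password for invalid user ubnt from 203.0.113.5 port 51128 ssh2
Mar  3 10:00:04 gw sshd[1209]: Failed password for invalid user support from 203.0.113.5 port 51130 ssh2
Mar  3 10:00:05 gw sshd[1211]: Failed password for admin from 203.0.113.5 port 51132 ssh2
Mar  3 10:00:06 gw sshd[1213]: Failed password for invalid user guest from 203.0.113.5 port 51134 ssh2
Mar  3 10:00:07 gw sshd[1215]: Failed password for admin from 203.0.113.5 port 51136 ssh2
Mar  3 10:00:08 gw sshd[1217]: Failed password for root from 203.0.113.5 port 51138 ssh2
Mar  3 10:00:09 gw sshd[1219]: Failed password for root from 203.0.113.5 port 51140 ssh2
Mar  3 10:00:11 gw sshd[1221]: Accepted password for admin from 203.0.113.5 port 51142 ssh2
Mar  3 10:05:00 gw sshd[1301]: Failed password for alice from 198.51.100.7 port 40001 ssh2
Mar  3 10:05:30 gw sshd[1303]: Accepted password for alice from 198.51.100.7 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+"
)


def parse(log_text, year=2024):
    """Return (timestamp, source_ip, username, failed) tuples.

    Syslog lines carry no year, so the caller supplies one (assumption).
    Lines that do not match are skipped rather than guessed at.
    """
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["ip"], m["user"], m["result"] == "Failed"))
    return events


def detect(events, window=timedelta(minutes=5), max_failures=5, many_users=3):
    """Find sources whose failed logins exceed max_failures inside any window.

    A flagged source is labelled 'dictionary' when it keeps hitting a few
    accounts and 'spray_or_stuffing' when it spreads across many distinct
    usernames (the shape of a breached-credential or default-password list).
    success_after_failures records whether the same source later logged in.
    """
    by_ip = defaultdict(list)
    for ev in sorted(events):
        by_ip[ev[1]].append(ev)

    findings = {}
    for ip, evs in by_ip.items():
        failures = [e for e in evs if e[3]]
        # Densest window of failures starting at each failure in turn.
        best, best_users = 0, set()
        for i, (start, _, _, _) in enumerate(failures):
            in_win = [e for e in failures[i:] if e[0] - start <= window]
            if len(in_win) > best:
                best, best_users = len(in_win), {e[2] for e in in_win}
        if best < max_failures:
            continue
        kind = "spray_or_stuffing" if len(best_users) >= many_users else "dictionary"
        first_failure = failures[0][0]
        success_after = any(not e[3] and e[0] >= first_failure for e in evs)
        findings[ip] = {
            "failures": best,
            "users": sorted(best_users),
            "kind": kind,
            "success_after_failures": success_after,
        }
    return findings


if __name__ == "__main__":
    for ip, f in detect(parse(SAMPLE_LOG)).items():
        print(ip, f)
```

In the sample, only 203.0.113.5 is flagged: ten failures in under ten seconds across six accounts, followed by an accepted login for admin, which is exactly the sequence that should trigger an incident rather than just a lockout. A single mistyped password from 198.51.100.7 stays below the threshold. In production you would feed this from a log pipeline rather than a string and add the usual caveats: NAT and shared egress addresses inflate per-IP counts, and a slow, distributed spray from many bots will not exceed a per-source threshold, so the same logic should also be run keyed on username.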