BotNet News

A botnet is a group of computers, IoT devices, smartphones and other internet-connected hardware infected with malware and under the control of one person or entity (bot-herder). The hacker uses the collective computing power of the bots to carry out cyberattacks on a much larger scale.

Bad bots infect devices through phishing scams, software vulnerabilities and exploiting default credentials on routers or IoT devices. The bots then communicate with command and control servers (C&C), from which they receive instructions.

Once the commands are issued by the bot-herder, the bots start carrying out activities ranging from stealing passwords to spamming friends and family, to launching Distributed Denial of Service attacks (DDoS) to take websites or services offline. The bots can also be used to click on fake ads to earn money or spread ransomware and spyware.

Botnets can be centralized or peer to peer. Centralized bots use a single C&C server to distribute instructions to infected computers. This makes them easier to manage, but if the C&C is taken down, the entire botnet can collapse.

Peer to peer botnets use a list of trusted computers with which they can give and receive communications and update their malware. P2P bots are more resilient to takedown attempts, and some have incorporated encryption for security. You may spot signs of a botnet when your device becomes sluggish and takes longer to open apps, or notice increased data usage even when you’re not online.