BotNet News

Your source for Online Security News

A botnet is a network of infected devices, or “bots,” controlled by malware to perform illegal or malicious tasks like spamming, data theft, cryptocurrency mining, fraudulently clicking on ads, and distributed denial-of-service (DDoS) attacks. Depending on its design, a bot can also spread from one device to another by itself.

There are many ways that a device can become part of a botnet, including exploitation of website vulnerabilities, Trojan horse malware infections, cracking of weak authentication on connected devices, or social engineering techniques like phishing emails. Once the malware infection is complete, the device becomes a “zombie computer” used to carry out various cyber attacks. Bots are controlled remotely by a cybercriminal, or “bot-herder,” via command and control. This can be centralized through the client-server model or decentralized through a peer-to-peer (P2P) network structure.

Centralized botnets rely on a single command and control (C&C) server that all infected devices (“bots”) connect to for instructions. This centralized approach is simple for attackers but vulnerable if the C&C server is taken down. In a P2P botnet, each device acts as both a client and a server, so these botnets are more resilient to takedowns.
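The takedown difference described above can be modeled as graph reachability. The following is an added example, not part of the original page; the node names, the ring-shaped peer layout, and the peer count `k` are constructed assumptions.

```python
from collections import deque

def reachable(adj, start, removed):
    """Breadth-first search: nodes that can still receive instructions from `start`."""
    if start in removed:
        return set()
    seen, queue = {start}, deque([start])
    while queue:
        for peer in adj[queue.popleft()]:
            if peer not in removed and peer not in seen:
                seen.add(peer)
                queue.append(peer)
    return seen

def centralized(n_bots):
    """Client-server model: every bot has exactly one link, to the C&C server."""
    bots = [f"bot{i}" for i in range(n_bots)]
    adj = {b: {"c2"} for b in bots}
    adj["c2"] = set(bots)
    return adj

def p2p(n_bots, k=2):
    """P2P model (constructed): each bot peers with its k nearest neighbours on a ring."""
    adj = {f"bot{i}": set() for i in range(n_bots)}
    for i in range(n_bots):
        for d in range(1, k + 1):
            a, b = f"bot{i}", f"bot{(i + d) % n_bots}"
            adj[a].add(b)
            adj[b].add(a)
    return adj

def controllable_fraction(adj, removed):
    """Largest share of surviving bots that one surviving instruction source can reach.

    With a C&C server the only source is "c2"; in the P2P model any bot can relay.
    """
    removed = set(removed)
    bots = [n for n in adj if n != "c2" and n not in removed]
    if not bots:
        return 0.0
    sources = ["c2"] if "c2" in adj else bots
    best = max(len(reachable(adj, s, removed) - {"c2"}) for s in sources)
    return best / len(bots)

if __name__ == "__main__":
    print("centralized, C&C removed:", controllable_fraction(centralized(10), {"c2"}))
    print("P2P, one peer removed:   ", controllable_fraction(p2p(10), {"bot0"}))
```

Removing the single server leaves no bot reachable, while removing one peer leaves the rest connected. A sparsely connected mesh (`k=1`) can still be split into isolated halves when two peers are removed.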

If you suspect that your device has become part of a botnet, you can regain control over it by running antivirus software on a safe backup and reformatting the system. You can also reduce risk by never clicking on links in messages, especially from unknown sources. Instead, manually type the link into your address bar or search for the official version of the message.