What is a Botnet?
A botnet is a network of infected computers or devices that are remotely controlled by cybercriminals. It is usually used for malicious purposes such as sending spam, stealing data, ransomware, fraudulently clicking ads or distributed denial-of-service attacks.
Cybercriminals usually create and operate a botnet for money or for their own personal gain. However, some just want to cause harm to others. They will use the botnet to exploit various vulnerabilities including websites, software and even hardware devices. Botnets are self-propagating and can spread malware to other hardware devices in the same network.
Once infected, a device will begin performing tasks as instructed by the bot-herder. These tasks range from sending spam to cryptocurrency mining and can also affect other devices in the same network. These activities consume a lot of bandwidth and can result in sudden spikes or dips in Internet speed.
The most common way that a device can get infected with botnet malware is through malicious email attachments. This is why it’s a good idea to keep your antivirus software up-to-date. Also, always be careful when opening emails and don’t click on suspicious links in texts or social media messages.
Most of the old-school botnets run on the client-server model where each infected device communicates with a central server to receive instructions. The server then relays the commands to other infected devices in the botnet. Newer botnets are designed to be fully decentralized and work over peer-to-peer (P2P) networks. This removes the single point-of-failure in centralized models and allows for more effective mitigation strategies.