A botnet (robot network) is a network of computers that are all infected by the same malware (keyloggers, computer viruses, etc.). It can be controlled by one attacking party, called the “bot-herder”, forming a client-server architecture. Each device in the network is called a bot (robot). The bot-herder can issue a command to the botnet and have every bot carry out the action simultaneously.
In the peer-to-peer botnet architecture, the infected systems are interconnected with each other.
A botnet starts from one device (the bot-herder), which sends the malware to an unknown recipient via email, social media or other bots. When the recipient opens the file, the new bot reports back to the central device, from which the bot-herder dictates commands and controls the infected device.
A botnet may comprise millions of bots. The largest botnet taken down was DNSChanger, which had networked 4 million devices all over the globe.
TARGET DEVICES ON BOTNET:
Virtually all devices connected to the Internet are susceptible. These include laptops, servers, desktops, routers, smartphones and any other device that can conduct malicious activity. Through “command and control” instructions, the bot-herder can track all activity on your device, including keystrokes, without the user's knowledge. Usually, the intent behind creating a botnet is financial gain or an attack on websites. Botnets are popular among cybercriminals because of their size, multiple points of access, and ease of hiding.
HOW DOES A SYSTEM ACT ON BOTNET:
What an infected computer does depends on the cybercriminals' target. Many botnets are designed to collect information such as passwords, credit card numbers, telephone numbers, social security numbers, addresses and other personal data. The gathered information is then used for illegal purposes such as identity theft, spamming, credit card fraud, and malware distribution. Bot-herders sell this information on the black market for significant financial gain.
Botnets are insidious and hard to detect. Cybercriminals hide their malware to maximize infection. In the past, slow performance and advertisements were considered signs of infection, but nowadays hackers create no such nuisance.
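Because an infected device may show no visible symptoms, the network side is where a defender can still look: a bot that reports back to a central device tends to do so at regular intervals. The following is an added example, not part of the original article; the flow records, addresses, function names and thresholds are all constructed for illustration. It flags host/destination pairs with near-constant connection intervals and then groups them by destination, which is the client-server pattern described above.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (unix_seconds, internal_host, destination).
# Addresses are documentation/private ranges, not real indicators.
FLOWS = (
    [(t, "10.0.0.5", "203.0.113.10") for t in (0, 301, 599, 902, 1200, 1499)]
    + [(t, "10.0.0.9", "203.0.113.10") for t in (50, 350, 651, 949, 1250)]
    + [(t, "10.0.0.7", "198.51.100.20") for t in (10, 25, 400, 410, 1300, 1350)]
    + [(t, "10.0.0.8", "203.0.113.10") for t in (700, 705)]
)


def find_beacons(flows, min_events=5, max_cv=0.1):
    """Return {(host, dest): mean_gap} for pairs contacted at near-fixed intervals."""
    stamps = defaultdict(list)
    for ts, host, dest in flows:
        stamps[(host, dest)].append(ts)
    suspects = {}
    for pair, times in stamps.items():
        if len(times) < min_events:
            continue  # too few connections to judge regularity
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Coefficient of variation: spread of the gaps relative to their mean.
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            suspects[pair] = avg
    return suspects


def shared_destinations(suspects, min_hosts=2):
    """Destinations that several hosts beacon to: the client-server pattern."""
    by_dest = defaultdict(list)
    for host, dest in suspects:
        by_dest[dest].append(host)
    return {d: sorted(h) for d, h in by_dest.items() if len(h) >= min_hosts}


if __name__ == "__main__":
    beacons = find_beacons(FLOWS)
    for (host, dest), gap in sorted(beacons.items()):
        print(f"{host} -> {dest}: every ~{gap:.0f}s")
    print("shared:", shared_destinations(beacons))
```

Legitimate software such as update checkers and monitoring agents also polls at fixed intervals, so a flagged pair is a lead to investigate rather than proof of infection.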
COMMON ACTIONS OF DIFFERENT BOTNETS:
- DDoS attacks: multiple systems submit requests to a single server or computer, thereby overloading it. Legitimate requests go unanswered, so the service becomes inaccessible to its users. Distributed denial-of-service attacks target organizations and political moves.
- Spyware: typically used to breach financial data such as credit card numbers. The ZeuS botnet was a financial botnet that stole millions of dollars from enterprises in a very short period of time.
- Email spam: one of the oldest methods, in which the botnet sends out spam emails and malware. A botnet can be capable of sending billions of messages per day.
- Automatic self-spreading to intensify the infection on a large scale.
HOW TO PREVENT BOTNETS:
100% protection of a computer is not possible; one can only take steps to reduce the risk of infection.
The national cybersecurity education and awareness campaign STOP.THINK.CONNECT provides these tips:
- Turn on automatic updates, use the latest operating system, and install anti-malware protection.
- Plug and scan: scan external media every time it is connected to a computer.
- Protect other devices like smartphones, gaming systems, and tablets by updating the OS and applications.
- Delete any online communications that look suspicious, such as social media posts, emails or messages.
- If a device appears bot-infected, try to remove the malware immediately.