cta quote button US

What is a Botnet?

A botnet is a collection of networked computers which work together to complete tasks. These tasks are usually repetitive in nature, or are otherwise structured to best take advantage of distributed computing resources. While some botnets are used for legitimate purposes, many are designed for malicious uses.

Malicious or illegal botnets are at the heart of many high-profile hacking incidents, such as the distributed denial-of-service attack which targeted Sony’s PlayStation Network in 2014. They can also be used to distribute e-mail spam, generate false clicks on advertising networks, and to hide other malicious activity. Illegal botnets are big business stealing computing resources from legitimate owners and turning them into profits for malicious hackers.

How Botnets Work

if_1046_-_Online_Work_2200272Nearly all illegal botnets recruit member machines by tricking their users into executing malicious code. This code may be delivered via a web page designed to take advantage of a flaw in the user’s browser, or it may be executed as part of a “Trojan horse” program which masquerades as legitimate software while infecting the computer.

Once these computers are compromised, they reach out to a central “command-and-control” server to receive further instructions. Usually, this means downloading and installing additional software behind the user’s back. Once installed, this software gives hackers total control over the machine, allowing them to execute whatever commands they wish.

Because using only a single command-and-control server could leave the botnet vulnerable to a “takedown” by an astute systems administrator or law enforcement agency, many employ a redundant, peer-to-peer architecture to protect themselves.

In any case, the command-and-control system of a botnet allows hackers to direct the activities of its individual computers as they see fit, without the consent or knowledge of the computers’ owners.

Common Uses of Illegal Botnets

if_scales_of_Balance_172544The most widely known use of illegal botnets is in distributed denial-of-service attacks. In a distributed denial-of-service attack, hackers use a botnet to overwhelm a computer or network with massive amounts of seemingly-legitimate traffic, aiming to prevent the target from servicing its intended users.

Another common use of illegal botnets is in generating and distributing e-mail spam. Because most responsible systems administrators configure their mail servers in a way which prevents outside users from using them to relay messages, this makes them off-limits to spammers. With access to a botnet, spammers can force the member machines to send e-mail on their behalf, circumventing any controls the systems administrators put in place.

In addition to e-mail spam, another profitable use of an illegal botnet is “click fraud.” In this case, the hackers establish several web sites designed to show advertising from one or more ad networks, then direct their botnet to these sites in order to artificially drive up clicks on the ads and increase their own revenue while advertisers pay the price.

Countering Illegal Botnets

if_crime-criminal-012_2668209Unfortunately, there is little an individual or small business can do to counter the activities of a botnet, beyond taking steps to prevent their own systems from being recruited. Ensuring that system updates are installed in a timely manner, monitoring your network for suspicious activity, and running trusted anti-virus and malware defense software is often all you can do.

The individual members of a botnet are usually scattered across the world, their locations so geographically diverse that no single jurisdiction has the authority to investigate or shut them down. And while some botnets employ a single command-and-control server, leaving them vulnerable to a takedown, more and more are using distributed peer-to-peer systems which require highly-coordinated efforts to dispatch.

Some computer and network security companies have releasee specialized tools to detect and combat botnets, but the most effective systems rely on expensive network appliances designed to analyze network traffic and warn administrators when they detect abnormal patterns of usage.

Despite these efforts and technologies, some botnets have persisted for years even after being discovered. For example, in 2012, the “Festi” botnet (originally designed to send e-mail spam) was estimated to consist of more than 200,000 computer systems, even though it had been discovered three years earlier.

Because of their persistence, the computing resources they steal, and the dangers they pose, botnets are among the most serious computer security threats out there. And while strategies do exist to detect and limit their activities, it’s unlikely they’ll lose their place as a top threat any time soon.

Need Inspiration? Check Out Some Related Projects and Tasks

Magento Developer (LATAM Candidates Only)

About us: Redstage is an e-commerce agency specializing in web design & development while Fulcrum's expertise lies in digitally transforming companies through a range of end-to-end software products. ... (Argentina)

Drupal Expert To Clean Hacked Website

Hi, I'm looking for a Drupal specialist who can remove a hack from my website(http://bit.ly/articlecube). Hidden pages are being made and indexed by Google. When a visitor comes to these pages, a 404 ... (Belgium)

E-commerce Website For Selling Protein Supplement

We want to build an e-Commerce website for selling protein supplements like mass gainers, proteins, shakers etc The website will be having different categories and brands, so that the user can buy ... (India)

Senior Backend Developer With 4+ Years Of Experience In

We're looking for a Senior Backend Developer with expert-level skills with Django and DRF. You'll be working with us full-time for a month, and you MUST be available to join us right away. We're ... (Egypt)

-
These results are based on the freelance jobs extracted from Upwork.

If you think your friends/network would find this useful, please share it with them – We’d really appreciate it.

Leave a Comment

We would be glad to get your feedback. Take a moment to comment and tell us what you think.