What are Botnets?

Botnets are networks of interconnected, autonomous and automatically infected computers used to carry out malicious digital activities such as denial of service attacks, spam or even further malicious software distribution. However, even if the term “botnet” tends to be known mostly for its notorious meaning it is widely known that the same term can also be used when referring to distributed computing, which is actually very similar to what a malicious botnet does.

While the term botnet can be used to identify any type of collection of multitude of automatic software bots, the term is mostly used to identify a collection of compromised computers that are used for malicious purposes without the end-users consent or awareness. While a bot typically runs as a hidden process on a compromised PC, it is communicating with its operator via covert communication channels such as IRC, twitter or instant messaging and awaits commands by monitoring such public communication locations for new input.

As a result, once the botnet operator decides to instruct a command to all compromised computers he will be able to do so by writing a set of commands or instructions that once identified by the bots will be used to trigger certain events on compromised machines. Usually, there are several botnet server used to lease the communication between botnet operator and compromised machines. For this reason, in a large scale botnet infrastructure there may be a considerable amount of servers used to control the infected machines, all linked together for increased impact of its functionality set.

Even if botnets are usually created for malicious purposes they do have a certain topology that distinguished one type of botnet from another. Some of the most frequently encountered topologies of malicious botnets are:

  • Star
  • Multi-server
  • Hierarchical
  • Random

In order to avoid the risk of getting your computer as part of a malicious botnet it is recommended to avoid downloading or installing unknown software from misleading websites that may try to trick you into such a scam. Additionally, for increased security, it is recommended to always keep an antivirus monitor active on the system in order to be able to detect and stop the execution of a possible botnet Trojan before it manages to affect the entire operating system’s functionality.

Tags: , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *