If not redirected, please click here https://www.thesecuritybuddy.com/malware-prevention/what-is-a-botnet/
A Botnet is a group of internet-connected computers, which communicate with each other to complete some repetitive tasks.
A Botnet is a group of internet-connected computers, which communicate with each other to complete some repetitive tasks.
Normally, this term is used in negative connotation and it indicates a group of computers which are affected by malware and their computational resources are used for other illegal activities like performing DoS Attacks, sending spams etc without the computer owner's knowledge.
The term Botnet is widely used in
Internet Relay Chat. This is where the term was born. But, later
similar concepts started getting used by attackers for performing
attacks and other illegal activities.
How does a computer become a Bot ?
A computer becomes a bot when the computer
unknowingly gets infected by a malware like virus,
worm or trojan.
Computer viruses attach themselves with
other computer programs. So, when a user executes a virus infected
program, e.g. an infected Microsoft Word Document or an .exe file, the
computer gets infected by the virus. And after that, they
self-replicate themselves and infect more computers.
Computer worms spread themselves
through the network, taking advantage of security vulnerabilities of
various programs. And trojans
spread themselves by using social engineering. By opening suspicious
email attachments, clicking on unverified links or downloading
software from untrusted resources they can infect a computer.
Sometimes, attackers even display falsified webpage ads of anti-virus
software and on clicking on it, it infects a computer.
And when a computer gets infected by
malware, it may be controlled by the attackers and used as a Bot.
How does a Botnet work ?
A Botnet's originator can control the
computers forming the Botnet through IRC or Internet Relay Chat. The
server that controls the Botnet is known as Command and Control
Server.
Botnet operators use some protocols to control the Botnet. These protocols include a server program, a client program and a program that embeds the client in the victim's machine. The computers of the Botnet communicate over the network, sometimes in an encrypted fashion so that it can remain covert.
Botnet operators use some protocols to control the Botnet. These protocols include a server program, a client program and a program that embeds the client in the victim's machine. The computers of the Botnet communicate over the network, sometimes in an encrypted fashion so that it can remain covert.
How is a Botnet created ?
- A computer gets infected by malware.
- The computer starts working as a Bot and logs into a particular Command and Control Server.
- A malicious attacker, say a DoS attacker purchases the services of the Botnet from the operator of the Botnet.
- The attacker instructs the operator to perform a DoS attack, for example, to redirect internet traffic of all those machines of the Botnet to the victim machine.
- A DoS attack is performed. The victim machine gets flooded with network packets, being unavailable for intended operations.
Purpose of Botnet
Computers in a Botnet can be used in
many illegal activities. Just to give some common examples :
- Sending spam emails.
- Performing DoS attacks.
- Advertising Adware without the user's knowledge and awareness.
- Stealing sensitive information through Spyware.
- Generating false web traffic through Click Fraud for attacker's personal and commercial gain, without user's knowledge.
- Recruiting more computers in the Botnet and spread computer worms.
- Spreading scarewares like ransomware.
How to prevent Botnet ?
There are a couple of countermeasures we
can take :
- Prevent your computer from being infected by a malware. Do not open suspicious email attachments. Do not click on suspicious links. Install software from trusted sources only.
- Be aware of threats of using Peer-to-Peer File Sharing Software like BitTorrent.
- Update your computer with latest security patches of softwares you use. Malware often spreads exploiting the security vulnerabilities of softwares.
- Update your computer with latest anti-virus software.
- Various computer and network security companies have released software to counter Botnets. For example, Norton AntiBot helps consumers by shutting down Command and Control Servers or entire IRC servers of Botnet. Use of these software can help you in preventing this attacks.
And remember, awareness always helps. So, keep yourself updated with various security vulnerabilities and how to deal
with them. And stay safe, stay protected.
Read More
How to prevent Keyloggers ?
What is a Remote Access Trojan or RAT and how to prevent it ?
How to prevent Backdoor ?
Infographic : How to prevent Phishing ?
How does Conficker malware infect a computer and how to prevent it ?
How does Zeus malware infect a computer and how to prevent it ?
How to prevent Dridex malware ?
What are Browser Hijackers ?
Infographic : How to prevent Ransomware ?
Infographic : How to backup data ?
How to prevent spyware ?
What is Creepware and how to prevent it ?
How are computer worm, virus and trojan different from each other ?
Read More
How to prevent Keyloggers ?
What is a Remote Access Trojan or RAT and how to prevent it ?
How to prevent Backdoor ?
Infographic : How to prevent Phishing ?
How does Conficker malware infect a computer and how to prevent it ?
How does Zeus malware infect a computer and how to prevent it ?
How to prevent Dridex malware ?
What are Browser Hijackers ?
Infographic : How to prevent Ransomware ?
Infographic : How to backup data ?
How to prevent spyware ?
What is Creepware and how to prevent it ?
How are computer worm, virus and trojan different from each other ?
No comments:
Post a Comment