What is botnet malware – and how to protect yourself against attacks

You’ve probably heard of the word ‘botnet.’ It’s often used in conjunction with ‘zombies’ and ‘enslaved computers’ and paints a dystopian picture of the future in which remotely controlled computers rule the world.
The truth isn’t too far from this. A botnet is a collection of computers that have been remotely hijacked, irrespective of their location, to create a network of ‘zombie computers’ controlled by hackers.
Botnets really started making their mark in the early 2000s when financially motivated attackers took notice of the large number of unprotected computers and equally large number of users turning a blind eye to security.

So why do hackers create botnets?

Today, botnets can be enormous and have accounted for cyber fraud activity that can be counted in billions of stolen dollars.
A botnet is the difference between having one computer to do a hacking mission and having 10,000 computers. A cyber crook has simply got so much more computing power at their fingertips to:
  • Attack other computers or to take down websites
  • Send spam or phishing emails to millions of email addresses
  • Deliver ransomware to hundreds of thousands of computers
  • Send spyware, trojans and other types of malware

How are botnets created?

A hacker writes some malware code that, if it gets into your computer, allows it to be taken over remotely.
Criminals try to get the malware into your computer by taking advantage of flaws, such as those left open by browser plugin updates that you’ve ignored, or by placing malicious links on websites. You click and the malware downloads, but you might not be aware of it.
When the malicious code executes on your computer, it uses the internet to make contact with the control computer that operates the botnet, often called a command and control server. Your computer periodically checks for instructions from the command and control server.
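Because an infected computer checks in on a schedule, unusually regular connections to one remote address are something a defender can look for in connection logs. The following Python example is added here and is not part of the original article; the log format, host name, addresses and thresholds are constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample log: (seconds since capture start, local host, remote address).
# Host names are made up; 198.51.100.7 and 203.0.113.9 are documentation addresses.
SAMPLE_FLOWS = (
    # Check-ins roughly every 60 seconds with a second or two of drift.
    [(60 * i + drift, "pc-livingroom", "198.51.100.7")
     for i, drift in enumerate([0, 1, -1, 2, 0, 1, -2, 0, 1, 0])]
    # Ordinary browsing: bursts of connections with long, irregular pauses.
    + [(t, "pc-livingroom", "203.0.113.9")
       for t in [5, 9, 14, 200, 203, 410, 900, 905, 1300, 1310]]
)


def find_beacons(flows, min_events=6, max_jitter=0.1):
    """Return (host, remote, mean_gap_seconds, jitter) for suspiciously regular pairs.

    jitter is the standard deviation of the gaps between connections divided
    by their mean; a value near 0 means clockwork-like timing.
    """
    times = defaultdict(list)
    for ts, host, remote in flows:
        times[(host, remote)].append(ts)

    hits = []
    for (host, remote), stamps in times.items():
        if len(stamps) < min_events:
            continue  # too few connections to judge regularity
        stamps.sort()
        gaps = [later - earlier for earlier, later in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue  # all connections share one timestamp
        jitter = pstdev(gaps) / avg
        if jitter <= max_jitter:
            hits.append((host, remote, round(avg, 1), round(jitter, 3)))
    return sorted(hits, key=lambda hit: hit[3])


if __name__ == "__main__":
    for host, remote, gap, jitter in find_beacons(SAMPLE_FLOWS):
        print(f"{host} -> {remote}: every ~{gap}s (jitter {jitter})")
```

Legitimate software such as update checkers also connects on a timer, so a hit is a lead to investigate rather than proof of infection.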
Peer to peer botnets are used by cyber fraudsters to stop security researchers and authorities from identifying and stopping centralised command and control servers. To put it simply, in a peer to peer botnet the bots connect to and communicate with each other in order to remove the need for a centralised server.
But even smart connected devices are now being exploited. Last year a piece of malware called Mirai (Japanese for future) was used to create an Internet of Things (IoT) botnet from connected cameras and digital video recorders.

Most known botnets

The GameOver Zeus botnet was one of the most powerful ‘financial’ botnets ever seen. Designed to steal online banking credentials it is estimated to have infected almost 4 million PCs in the US alone. It is believed to be responsible for the theft of millions of dollars from businesses and consumers around the world.
The Simda botnet infected more than 770,000 computers in over 190 countries. It was active for years and distributed pirated software and different types of malware, including stealing financial credentials.
Estimates of Storm’s size ranged anywhere from 250,000 to 50 million computers. First detected in 2007, it got its name from one of its earliest spam messages, “230 dead as storm batters Europe”, used as the subject line in emails that were hiding malware. Notable for being one of the first peer-to-peer botnets, it was known for enabling share price fraud and identity theft. Storm was partially shut down in 2008.
ZeroAccess controlled in excess of 1.9 million computers around the world. It split its focus on click fraud and bitcoin mining. The botnet was reported to be consuming enough energy to power 111,000 homes every single day from all its infected computers.
The Mirai botnet surfaced last year. It consisted of compromised smart devices and was used to launch the largest distributed denial of service attacks the world has ever seen. It took down some major websites including Netflix and Twitter.

Botnets for hire

The cybercriminals who operate the botnet will likely sell it or rent it out to be used by other fraudsters. At some point the botnet will be activated and used to launch some type of attack.
Botnets for rent are big business in the cyber fraud underworld and they are typically rented out for as little as £15 per hour.
Today, it’s a fact that malware and botnet infrastructure dedicated to cyber-crime is a large commercial operation that’s not going anywhere.

What damage do botnets do?

  • Distribute malware, ransomware or spyware to spy, steal and cheat people out of their personal information and financial information, alongside blackmail
  • Send out spam emails to hundreds of thousands of email addresses which have often been stolen from different organisations’ servers
  • Launch distributed denial of service (DDoS) attacks on websites, companies or government agencies. The botnet is used to send so many requests for content that the server cannot cope and it essentially sinks under the weight of the requests
  • Generate fake clicks on ads so the fraudsters can make large amounts of money
  • Launch large phishing campaigns, for instance, emails that contain hidden malware

How to tell if your computer has been ‘enslaved’ into a botnet

There are some tell-tale signs that indicate your computer might have become part of a botnet:
  • Your computer or internet connection is running slower than normal
  • Your computer behaves erratically, for instance it crashes often and you receive unexplained error messages
  • There is high network usage on your home network
  • Your browser closes frequently and unexpectedly
  • Sometimes your computer takes a long time to start or shutdown

How to avoid becoming a part of a botnet

  • Don’t click on suspicious links - you don’t know where they lead
  • Don’t download attachments that you don’t recognise or never requested
  • Use good antivirus and antispyware software
  • Do a full, in-depth scan with your antivirus to make sure everything on your computer is clean
  • Keep all your software up to date, especially your browser

What’s the future of botnets… it's thingbots.

There are an estimated 2 billion personal computers in the world and botnet creators have certainly taken advantage of this by snaring millions of unsuspecting computer users.
But let’s put this in perspective. The Internet of Things (IoT) is upon us. Everything from cars to home appliances, watches and even children’s toys is being connected online. It is projected that by the year 2020, there will be more than 25 billion devices connected to the Internet.
Those numbers alone are enough to attract cybercriminals’ attention, but what is more relevant is that these devices mean more data to steal, more systems to take over and more money to be made.
This rise of IoT will bring another evolution in malware in the form of thingbots. Thingbots are botnets composed of infected IoT devices. We’ve already seen the Mirai botnet and this is just the start.
Compromised IoT devices can be controlled to launch attacks, steal sensitive data or facilitate other malicious activities. We have already seen a few of these in the last couple of years.
What is alarming about IoT is the painful lack of security on many devices. It’s an open invitation for cyber crooks and as such you can bet your latest smart device that thingbots will definitely become a thing.
Written by Steve Bell

Steve has a background in IT and business journalism and has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies producing content. He has a particular focus on IT security and has produced several magazines in this area.

5 comments

  • Peter Richter

    28 Feb 2017, 14:20

    Excellent Contribution!! And we have really a lack in this urgent matter!
    Many thanks to BullGuard and Steve Bell!
    Peter
  • Lesley

    28 Feb 2017, 01:24

    On line drive has reached end of life.
    What do we do now
  • Sable Corrie

    27 Feb 2017, 14:42

    Now I'm thoroughly scared and am not sure how much more protection I require (if any). My computer isn't very speedy (but it is pretty ancient) - the internet disappears with monotonous regularity.
  • Bernard Hall

    27 Feb 2017, 14:01

    Thank you. I am forwarding link to this article to associates, some of which do not employ credible PC security.
    Kind regards, BH.
  • Jane Denbury

    27 Feb 2017, 13:36

    Thank you for this. I never open anything unless I am absolutely certain but still get nervous. Can you help me with one thing - occasionally when I am using my desktop PC I hear what sounds like a camera taking a shot. Should I be worried about this? I have Bullguard and try to keep it up-to-date.