What is a Botnet? - Towards Cybersecurity

In this article, I explain what a botnet is and its types. So, let's begin.

The botnet is one of the most common and popular forms of modern-day malware. The word is made of two parts: "bot" and "net".

Firstly, let's talk about the "bot", which is also called a zombie. A bot is an infected system that is under the control of an attacker without its owner's knowledge. The attacker uses bot code (malware) to infect the system; after that, the bot code communicates with the attacker's server and, following the attacker's instructions, performs a wide variety of malicious activities. Now let's talk about the "net", which means a network.

So, a botnet is a network of bots (zombies) controlled by an attacker to perform a wide variety of malicious activities such as spamming, phishing, click fraud, etc. That's why the botnet is nowadays one of the most common and dangerous tools in the attacker's toolkit.

Originally, botnets were created as a tool with valid purposes in IRC (Internet Relay Chat) channels, but after some time attackers exploited vulnerabilities in IRC and developed bots to perform a wide variety of malicious activities.

Usually, an attacker will target systems that are not safeguarded with antivirus or firewalls because it is easy for them to compromise those types of systems. An attacker can take control of those types of systems mostly via malware.

Attackers want to infect and control thousands or even millions of systems so that they can act as the botmaster of a very large zombie network that is capable of delivering a large-scale DDoS attack, a large-scale spam attack, or other types of large-scale cyberfraud or cyberattack.

Sometimes, attackers also sell a botnet (zombie network) to other attackers, or spammers may rent a botnet to operate a large-scale spam attack. That's why the botnet is one of the biggest cyber threats.

Botnet Structure:-

There are two types of botnet structure:

1. Client-server model:-

It is a basic network model in which the botmaster acts as a server and the bots act as clients. Here, the botmaster uses the C&C (Command and Control) mechanism to control the transmission of messages to each client.

So, it is very easy to set up and maintain a client-server model. However, because every bot communicates with the same central server, it is also very easy for a network admin to trace the botnet's location and destroy the botnet.

2. Peer-to-peer model:-

In a P2P (Peer-to-peer) model, each compromised system acts as both a client and a server. Individual bots also hold a list of other compromised devices, so they can instruct other compromised systems.

In the P2P model it is much harder to locate any centralized server. So, the P2P model fixes the problem of the client-server model.
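The traceability of the client-server model can be shown from the defender's side. The following is an added example, not code from the original article: it scans constructed flow records for an external destination that several internal hosts contact at clockwork intervals, which is the pattern a central C&C server produces. The function names, addresses and thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

def sample_flows():
    """Constructed flow records (unix_time, internal_src, external_dst)."""
    flows = []
    # Three infected hosts check in with the same server about every 60 s.
    for host, offset in (("10.0.0.5", 0), ("10.0.0.9", 7), ("10.0.0.23", 13)):
        flows += [(offset + 60 * i + i % 2, host, "203.0.113.10") for i in range(10)]
    # Ordinary browsing: irregular gaps to a popular site from two hosts.
    for host in ("10.0.0.5", "10.0.0.40"):
        flows += [(t, host, "198.51.100.7") for t in (3, 9, 50, 400, 410, 900)]
    return flows

def gap_regularity(times):
    """Coefficient of variation of the gaps between contacts (near 0 = clockwork)."""
    gaps = [b - a for a, b in zip(times, times[1:])]
    if len(gaps) < 4 or mean(gaps) == 0:
        return None  # too few contacts to judge
    return pstdev(gaps) / mean(gaps)

def find_c2_candidates(flows, min_hosts=3, max_cv=0.1):
    """Destinations that at least min_hosts internal hosts contact on a timer."""
    per_pair = defaultdict(list)
    for t, src, dst in flows:
        per_pair[(dst, src)].append(t)
    beaconing = defaultdict(set)
    for (dst, src), times in per_pair.items():
        cv = gap_regularity(sorted(times))
        if cv is not None and cv <= max_cv:
            beaconing[dst].add(src)
    return {d: sorted(s) for d, s in beaconing.items() if len(s) >= min_hosts}

if __name__ == "__main__":
    print(find_c2_candidates(sample_flows()))
```

In a P2P botnet the same check finds no single destination with many regular callers, which is why that structure is harder to trace.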

Bot-Master System:-

It has the following four modules:
  1. Infection Module - Spread across LAN-WAN
  2. Command Module - Execute commands remotely
  3. Control Module - Define the role of ownership
  4. Stealth Module - Hide and prevent detection   

Cyberattacks and Cyberfrauds by Botnets:-

Here are some examples of cyberattacks and cyberfrauds by botnets:

  • Spamming
  • DDoS (Distributed Denial of Service)
  • Click fraud
  • Key Logging
  • Phishing
  • Identity Theft
  • Password Cracking
  • Cheating in online games/polls

Let's discuss one cyberattack scenario.

DDoS (Distributed Denial of Service) Attack by Botnets:-

Firstly, the attacker creates a very large zombie network. Let's assume that every bot in the network has the bot code (malware) and that the bot code regularly communicates with the attacker's server. After that, the attacker starts the DDoS attack by sending a command to every bot in the zombie network.

As a result, the victim gets too many requests from thousands, even millions, of bots at the same time; because of that, the victim's service goes down and the DDoS attack is accomplished.
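The scenario above explains why a per-source rate limit alone does not stop a botnet-driven DDoS. The following is an added example, not code from the original article: it classifies time windows of a constructed request log by what remains after per-source limiting. The limit, the capacity figure and all source names are assumed values.

```python
from collections import Counter, defaultdict

PER_SOURCE_LIMIT = 20    # assumed: requests allowed per source per window
SERVICE_CAPACITY = 500   # assumed: requests the service can absorb per window

def sample_requests():
    """Constructed request log of (unix_time, source) pairs, three 10 s windows."""
    reqs = [(i, f"client-{c}") for c in range(40) for i in range(3)]       # normal
    reqs += [(10 + i % 10, "noisy-client") for i in range(600)]            # one loud source
    reqs += [(20 + i, f"bot-{b}") for b in range(1000) for i in range(2)]  # many quiet bots
    return reqs

def classify_windows(requests, window=10):
    """Label each window by what is left after per-source rate limiting."""
    buckets = defaultdict(Counter)
    for t, src in requests:
        buckets[t - t % window][src] += 1
    verdicts = {}
    for start, per_src in sorted(buckets.items()):
        total = sum(per_src.values())
        # Requests a per-source limiter would drop in this window.
        dropped = sum(n - PER_SOURCE_LIMIT for n in per_src.values()
                      if n > PER_SOURCE_LIMIT)
        if total - dropped > SERVICE_CAPACITY:
            label = "distributed flood"    # limiter passes it, service still overloaded
        elif dropped:
            label = "single-source flood"  # limiter absorbs it
        else:
            label = "normal"
        verdicts[start] = (label, total, len(per_src))
    return verdicts

if __name__ == "__main__":
    for start, verdict in classify_windows(sample_requests()).items():
        print(start, verdict)
```

In the third window each bot sends only two requests, so no source exceeds the limit, yet the combined volume is four times the assumed capacity.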

Now, let's discuss the types of botnet.

Types of Botnet:-

  • DoSBot - Performs DoS and DDoS attacks
  • SpamBot - Performs email spamming by collecting address books
  • BrowseBot - Collects users' browsing habits and feeds them into an advertisement network
  • AdSenseBot - Similar to BrowseBot but targeted at AdSense
  • idBot - Collects user ID and password details
  • CCBot - Collects credit card details from e-commerce sites
  • PollBot - Controls online polls meant for services & products
  • BruteForceBot - Attacks sites with TCP & application-layer attacks
  • NetBot - Attacks networks

So, these are the types of botnet.

If you have any questions about botnets and their types, or want to share your views on botnets, please mention them in the comments box and I will get back to you.
