What is a botnet? The definition and the top 5 examples


The number of cyber attacks has grown dramatically in recent years. Hackers are targeting governments, businesses, and individuals around the world, and you may have unwittingly assisted them in carrying out their attacks. If you have ever clicked on a link in a suspicious email and similar emails were then automatically sent to all your contacts, you have surely been a victim, and an accomplice, of a botnet.

Summary: A botnet is a group of computers remotely controlled by a hacker who uses their resources to carry out attacks against web pages, computer networks and internet services. If your computer is infected by malware, it may be part of a botnet. Read on to learn about the most common botnet attacks and how you can protect your computer.

  • The definition: What is a Botnet?
  • What types of botnet attack are there?
  • Botnet attack examples
  • How to Protect Your Computer from Botnet Malware

The definition: What is a Botnet?

The word “botnet” is a combination of the words “robot” and “network”. A botnet is a group of computers that are controlled remotely and coordinated to carry out harmful tasks. A single botnet can be made up of anywhere between several hundred and several million computers, which are called “bots” (short for “robots”).

Botnets can reach your computer through the installation of malicious programs, a direct attack by a hacker, or an automated program that scans the internet for security deficiencies (for example, lack of virus protection) that can be exploited. If your computer, or any other device connected to the internet, is infected by malware, it could become one of the “bots” that make up a botnet. If this is the case, the other computers and devices on your network are also at risk of becoming part of the same botnet.

All computers in a botnet are remotely controlled, either directly by a hacker or by command and control software that the hacker has developed. Also known as a “zombie army,” these computers can be used by botnet owners to send spam, shut down web pages, generate revenue from bogus internet traffic, or advertise paid downloads of rogue software that claims to kill botnets.

As with many other technologies, botnets were not created to carry out harmful actions. In the early days of the World Wide Web, their main use was to host IRC networks. However, it didn’t take long for hackers to identify the main weaknesses of the first botnets and to start exploiting those weaknesses for their own benefit.

Today, botnets are the biggest threat to cyber security. They can bring down large networks in seconds and keep them down for hours, or even days. Hackers use botnets mainly because the strength of a “zombie army” of hundreds of thousands of computers allows them to carry out much larger attacks. In addition, hiding behind so many computers lets them disguise the true source of the attack and helps them avoid being caught and punished for their cyber crimes.

What Types of Botnet Attacks Are There?

In most cases, the spread of botnet malware will not visibly affect your computer, making it very difficult to detect. It is therefore not surprising that around a third of all computers in the world are either part of a botnet or are at high risk of becoming a bot.

Botnet owners can use your computer to carry out a wide variety of actions or attacks against other computers, networks and web pages. Some of the most common botnet attacks are as follows:

  1. Distributed Denial of Service Attacks

Botnets are frequently used to launch distributed denial of service (DDoS) attacks against networks, websites, and online services. Their owners use these “zombie armies” of machines to generate large amounts of traffic to web pages, in order to consume their bandwidth and/or overload their resources. The ultimate goal is to interrupt the operation of these web pages and prevent users from accessing them.

According to statistics, most attacks occur in countries with large economies, such as China, the United States and South Korea. As the target of these attacks has been shifting from private users to corporate networks, the botnets used to carry out the attacks have grown stronger as well.

  2. Cryptocurrency mining

In recent years, many media outlets have reported on botnets that mine cryptocurrency. They are distributed and operated in the same way as any other botnet. However, instead of using your computer to attack other networks, they use your resources (for example, bandwidth and electricity) to mine the cryptocurrency. As long as they are not detected, these botnets can generate considerable income for their owners. Due to the nature of digital currency, this income is not only impossible to track, it is also tax-free.

Cryptocurrency mining botnets target private users when doing business operations, as well as other larger networks. At the moment, Monero is the digital currency of choice for hackers who operate cryptocurrency-mining botnets, for very simple reasons. While a single Bitcoin is worth several thousand dollars, the price of a Monero is around $100, low enough not to arouse suspicion. The value of this digital currency is also expected to skyrocket soon, which could translate into huge profits for hackers.

  3. Sending junk mail

Some botnets also use special proxies to send spam from an infected computer or network. These spam messages include phishing emails that contain links to fraudulent web pages or dangerous downloads. The recipient only has to click on the link to start downloading the malicious software, at which point their computer becomes part of the botnet. In many cases, spam bots will send the same email to addresses on your contact list, thus continuing the botnet chain.
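From a mail administrator's side, the contact-list burst described above shows up as one account sending an identical message to many distinct recipients within a short time. The following Python sketch is an added example, not part of the original article; the log format, addresses, body digests, thresholds and function names are all constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: time, sending account, recipient, digest of the message body.
SAMPLE_LOG = """\
2024-05-01T09:00:00 alice@example.test bob@example.test aaa1
2024-05-01T09:00:05 alice@example.test erin@example.test aaa1
2024-05-01T10:15:00 carol@example.test u1@example.test f00d
2024-05-01T10:15:02 carol@example.test u2@example.test f00d
2024-05-01T10:15:04 carol@example.test u3@example.test f00d
2024-05-01T10:15:04 carol@example.test u3@example.test f00d
2024-05-01T10:15:07 carol@example.test u4@example.test f00d
2024-05-01T10:15:09 carol@example.test u5@example.test f00d
2024-05-01T10:15:12 carol@example.test u6@example.test f00d
2024-05-01T08:00:00 dave@example.test u1@example.test bbb2
2024-05-01T09:00:00 dave@example.test u2@example.test bbb2
2024-05-01T10:00:00 dave@example.test u3@example.test bbb2
2024-05-01T11:00:00 dave@example.test u4@example.test bbb2
2024-05-01T12:00:00 dave@example.test u5@example.test bbb2
"""

def parse(log_text):
    """Yield (time, sender, recipient, digest) for each non-empty log line."""
    for line in log_text.splitlines():
        if line.strip():
            ts, sender, rcpt, digest = line.split()
            yield datetime.fromisoformat(ts), sender, rcpt.lower(), digest

def find_mass_mailers(log_text, min_recipients=5, window=timedelta(minutes=2)):
    """Return {(sender, digest): peak distinct recipients} for every account that
    sent the same body to at least min_recipients addresses inside the window."""
    recent = defaultdict(deque)  # (sender, digest) -> (time, recipient) pairs in window
    flagged = {}
    for ts, sender, rcpt, digest in sorted(parse(log_text)):
        key = (sender, digest)
        q = recent[key]
        q.append((ts, rcpt))
        while ts - q[0][0] > window:   # drop deliveries older than the window
            q.popleft()
        distinct = len({r for _, r in q})  # repeated recipients count once
        if distinct >= min_recipients:
            flagged[key] = max(flagged.get(key, 0), distinct)
    return flagged

if __name__ == "__main__":
    for (sender, digest), n in find_mass_mailers(SAMPLE_LOG).items():
        print(f"{sender} sent body {digest} to {n} recipients in one burst")
```

The hourly sender in the sample is not flagged because its deliveries never fall inside one window, which is the difference between a slow, legitimate mailing and an automated burst from an infected machine.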

  4. Installing browser plugins

When they are not attacking other networks or mining cryptocurrency, some botnets make a profit for their owners by displaying ads in your browser. They secretly install plugins in the browser (usually on the toolbar) that will change your home page to a fake (albeit real-looking) search engine. Every time you press enter to perform a search, a pop-up window will appear and that click will be paid to the owner of the botnet.

Additionally, some botnets will use malicious code to remove ads from web pages that you visit frequently and replace them with fake ads to generate revenue for the attacker. This allows botnet owners to enrich themselves with content that belongs to other people and deprives the web pages in question of a significant portion of their income.

  5. Theft of personal information

Botnets can use malicious software in various ways to collect your personal information. On the one hand, they can monitor your network traffic for sensitive information such as usernames and passwords. On the other, they can use logger software to collect any personal information that you enter into your browser, even if it appears encrypted on your screen. This may include your login details for websites, as well as addresses, phone numbers, credit card details, and PayPal credentials.

Examples of botnet attacks

Very powerful botnets have been responsible for some of the largest and most destructive cyberattacks in recent years. The most notable examples include the following:

  • The GitHub attack in 2018 – In February 2018, a large botnet carried out the largest DDoS attack ever recorded. Inbound data traffic peaked at 1.35Tb per second. The attack put GitHub, the internet’s largest software development platform, out of service for a few minutes.
  • The 2014 Hong Kong Attack – Political instability in Hong Kong sparked what was at the time the largest DDoS attack in history, when several large botnets joined forces against the country’s pro-democracy websites. Many accused the Chinese government of these attacks, but the actual attacker is unknown.
  • The Mirai Attack in 2016 – Named for the popular anime series, Mirai was a botnet comprised of more than 100,000 computers. It was featured in the media in 2016, when it launched attacks against various cybersecurity companies, generating 1Tb per second of traffic and taking a large part of their online infrastructure out of service.

How to protect your computer from harmful botnet software

Since most botnets are distributed via malicious software, you need to use the best antivirus software to protect your computer from malware and online security threats. Many users choose to install free antivirus and anti-malware software, but this may not be a good option. At best these programs will offer insufficient protection, and at worst they may be malware disguised as legitimate software.  

For optimal protection, you need antivirus software that offers real-time protection against threats, performs scheduled scans, and quarantines and removes all infected files. In addition to using reliable antivirus software, you should also avoid suspicious emails, attachments, and downloads.

If your home page has suddenly changed, if you continually get pop-ups while browsing the Internet, or if your computer suddenly runs slower, you should run a scan to identify the cause of this problem. It is possible that you are already part of a botnet, and in this case you will need the best antivirus software for Mac to find the malware component that controls your computer and remove it completely.