A Botnet is a system of compromised computers, often referred to as Zombies, that communicates and executes tasks issued by a central bot. Botnets have evolved over the years, and have been a thorn in the I.T. world’s side.
Originally, the botnet was not meant for malicious purpose. They were used to build up or better evaluate functions of IRCs (Internet Relay Chat) along with many other productive tasks. Then the dark side got a hold of them. Hackers saw the criminal potential in a botnet and have turned this once innocent helper into an evil monster on the World Wide Web.
One of the more common uses of a Botnet is to perform what is called a Distributed Denial of Service (DDoS) attack. The central bot will command all thousands or even millions of Zombies to flood the targeted systems resources with traffic, eventually causing the site to be unreachable by actual users. Although this is very disruptive and costly for e-commerce sites, the worse part of a Botnet is their ability to steal personal and banking information from their zombie machines.
How does one get infected by a Botnet? Very easily. You can visit an innocent website that has been compromised, downloading files that have tainted code disguised in it or by a virus or malware entering your device through traditional ways. Once the device is infected, it will immediately call out to the host bot to confirm they have arrived safely and have nestled comfortably in your computer.
The functionality of a Botnet will continue to evolve over time as it has already. Big names such as Microsoft and Symantec have made valiant efforts to battle it out with these monsters. They have brought popular Botnets like “Bamital“, which had compromised over 8 million devices, down do its knees. As evolution will do, even stronger and scarier types of Botnets have emerged, challenging the security world once again.
There are many theories of how one would detect and eliminate the Botnet communication. Unfortunately these remedies have been deemed as merely circumstantial. Antivirus software is a great tool to have, but cannot keep up with the ever-changing types of threats or communications coming through. Specific tools have been designed to fight and protect against them but that is not considered the best practice, although for some, may be an only option. The best practice for preventing being a victim is to simply watch what you download, be careful what sites you visit, update your devices, run scans with your antivirus and monitor your network for unusual activity.