Understanding Botnets
Botnets represent a new class of stealthy, targeted malware used specifically for financial gain.
Botnets are malware programs that are centrally controlled by malicious groups seeking to profit from the information contained on your networked PCs.
What is a 'bot'?
A bot is a computer infected with a malicious program that enables unauthorized remote control. The goal of the infection is to use the computer in online cybercrime.
Once your organization's computers are infected with bot malware, the malicious attacker (commonly referred to as a "bot herder") can remotely control your computers.
How are bots created?
Bot creation typically occurs in the following manner:
- Massive numbers of computers become infected with bot malware via the Web (e.g. drive-by downloads), social engineering (email attachments), or direct attack on the PCs (network worms and other exploits).
- The bot malware 'calls home' to contact a server/PC via HTTP, IRC, or P2P, allowing the compromised PC / bot to receive commands from the bot herder.
- The bot herder issues commands to download more malware such as password crackers, keystroke loggers, and email relays to distribute spam, or pretty much any software the bot herder wants on the PC.
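The 'call home' step is where defenders usually get a network-visible signal. The following is an added example, not code from the original page: it scans outbound flow records for evenly spaced connections to one destination (typical of automated check-ins over HTTP) and for any outbound IRC. The sample records, ports treated as IRC, and thresholds are constructed assumptions, and P2P call-home is not covered.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records: (epoch_seconds, internal_src, dst, dst_port)
SAMPLE_FLOWS = (
    # Host checking in roughly every 300 s with a few seconds of jitter
    [(1000 + 300 * i + j, "10.0.0.5", "203.0.113.10", 80)
     for i, j in enumerate([0, 2, -1, 1, 0, -2, 1, 0])]
    # Host with irregular, human-looking browsing to one site
    + [(t, "10.0.0.7", "198.51.100.20", 443)
       for t in (1010, 1025, 1900, 1950, 4000, 4100, 9000)]
    # Single outbound IRC connection
    + [(1500, "10.0.0.9", "192.0.2.30", 6667)]
)

# Assumption: IRC is not sanctioned on this network, so any use is reportable.
IRC_PORTS = {6667, 6697}

def find_call_home(flows, min_events=6, max_jitter=0.1):
    """Return {(src, dst, port): reason} for flows that resemble bot call-home.

    max_jitter is the allowed ratio of the standard deviation of the gaps
    between connections to their mean (coefficient of variation).
    """
    by_pair = defaultdict(list)
    for ts, src, dst, port in flows:
        by_pair[(src, dst, port)].append(ts)

    findings = {}
    for key, times in by_pair.items():
        if key[2] in IRC_PORTS:
            findings[key] = "outbound IRC"
            continue
        if len(times) < min_events:
            continue  # too few connections to judge regularity
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            findings[key] = f"periodic beacon every ~{round(avg)}s"
    return findings

if __name__ == "__main__":
    for (src, dst, port), reason in find_call_home(SAMPLE_FLOWS).items():
        print(f"{src} -> {dst}:{port}  {reason}")
```

Legitimate software such as update checkers also connects on a fixed schedule, so findings are leads to triage against known-good destinations rather than verdicts.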
What are bots used for?
Now the bot can participate in online cybercrime ranging from making itself a nuisance by sending numerous 'spam' emails to actively attacking particular websites causing a denial of service (DoS). More sophisticated bots now steal information stored in your computers and send it back to the bot herder for criminal use. Data stolen include credit card information such as "Track 2" magnetic data, personal identity information like social security numbers, and network credentials to penetrate 'encrypted' databases.
Organized and petty criminals have developed the next generation of botnets that exploit computer vulnerabilities, remain hidden from users, and steal your valuable data and network resources.
Botnets now serve as the primary means for:
- Customer identity thefts
- Spam e-mail distribution
- Product & service rip-offs
- Intellectual property losses
Why are bots being created?
Simply put, money! The profits from botnets are estimated to be in the billions of dollars (USD). In terms of consumer and enterprise losses, in 2005 alone the FBI estimated $67.2B was lost due to online computer crime. The scale of online cybercrime is truly mind-boggling because it has grown so quickly without most organizations recognizing its true impact. Take click fraud: it is estimated that 16+% of all clicks on search engine ads are fraudulent. Businesses are losing billions of dollars on online advertising alone. There are now 100 billion spam emails sent every DAY, requiring businesses to store, scan, and delete them (if possible) or relay them along to employees who must filter them out.
The damage botnets are causing has been so severe that it threatens the very trust needed to carry on Internet-based transactions.