What is a Botnet?

A botnet is a collection of infected, internet-connected devices that a cyber-criminal controls with the help of malware. Usually, users are unaware that a botnet is affecting their PC. Botnets are normally used to send spam mails, create unusual traffic, etc.

Botnet malware is installed on a PC that is vulnerable because of an outdated firewall or antivirus.

Once the target device is infected, the attacker can control the bots with two approaches −

  • Client server approach − In this approach, a server is first set up, which then sends commands to the bots via a communication protocol. After receiving a command, the bots carry out the corresponding malicious activity.

  • Peer to peer approach − This is a decentralized approach in which there is no main server. This approach is very common nowadays because cyber security teams still look for C&C communication to detect these malicious activities. In this approach, infected devices search for infected websites or other devices in the same botnet and then share the updated commands of the botnet malware.

Defenders can easily find botnet malware because most of it still uses a centralized approach, which is an advantage for the defender.

For example − Zeus malware uses a Trojan horse to infect vulnerable devices. In 2009, cyber security researchers found that 3.6 million hosts were infected by this malware.

A botnet is an example of good technology used with bad intentions. The most common criminally motivated uses are as follows −

  • Distributed denial of service attacks

  • Spamming

  • Sniffing Traffic

  • Key logging

  • Spreading new malware

  • Google AdSense abuse

  • Attacking chat networks

  • Mass identity theft


The uses of botnets are as follows −

  • These are used for Distributed Denial of Service attacks

  • These are used by cyber criminals to carry out botnet attacks such as unauthorized access, data leakage, credential leakage, data theft, etc.

Botnet attacks on wireless devices

Botnets are not made to compromise just one individual computer; they are designed to infect a large number of remote devices. Bot herders often deploy botnets onto computers through a trojan horse virus.

The strategy typically requires users to infect their own systems by opening email attachments, clicking on malicious pop-up ads, or downloading dangerous software from a website.

After infecting devices, botnets are able to access and modify personal information, attack other computers, and commit other crimes.

More complex botnets can even self-propagate, finding and infecting devices automatically. Such autonomous bots carry out seek-and-infect missions, constantly searching the web for vulnerable internet-connected devices lacking operating system updates or antivirus software.