BotNets, also known as zombie networks or networks of bots, are groups of computers that are covertly controlled to send data such as spam and viruses to other computers on the internet. This is accomplished through the use of malicious programs such as viruses, Trojans, and worms, which infect computers without the knowledge of their owners. The majority of infected computers are home PCs that are inadequately protected.
Once a computer becomes part of a BotNet, its actions can be directed by the creator of the botnet. Essentially, it becomes a drone that is unable to resist the commands of its master. BotNets are primarily used for spreading spam and viruses, as well as for conducting key-press logging that can lead to mass identity theft. Zombie computers can also be employed in denial of service attacks, in which multiple bots simultaneously overload a server’s bandwidth, causing it to crash. This technique is particularly effective when the BotNet is large and contains thousands of computers. More advanced malware can even spread through email, while smaller botnets lack this capability.
BotNets are designed to be difficult to detect and analyze. They receive instructions from their creators through Internet Relay Channels (IRC). As of April 2008, the Storm BotNet and the Kraken BotNet were the largest BotNets in the world, estimated to consist of 400,000 bots each. Other significant BotNets include Rbot and Bobax, each with an estimated 20,000 bots.
To properly protect your computer, it is recommended to frequently scan and update your antivirus and firewall software. Special sensors known as “honeynets” have been established on the internet to mimic the characteristics of computers with known security flaws, in an effort to lure hackers and track down malware creators. Kaspersky Labs, the creators of Kaspersky anti-virus, have stated that botnets pose a greater threat to the internet community than individual viruses and worms.
