Bots, Botnets and Zombies

News about internet crimes often mentions ‘bots’, ‘zombies’, and ‘botnets’. It’s not hard to figure out from the context that these are computer or network security threats. But what exactly are they, how do they work, and what damage do they cause?

A ‘bot’, short for robot, is a type of software application or script that performs tasks on command, such as indexing web pages for a search engine. Bots are really good at performing repetitive tasks.

Bad bots perform malicious tasks, allowing an attacker to take complete control of an affected computer and operate it remotely. Once infected, these machines may also be referred to as ‘zombies’. A zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse and can be used to perform malicious tasks of one sort or another under remote direction. Most owners of zombie computers are unaware that their system is being used in this way, which is why these computers are metaphorically compared to zombies.

Taking over one computer is useful, but the real value to a criminal comes from collecting huge numbers of computers and networking these (a botnet) so they can all be controlled at once and perform large scale malicious acts. The word botnet (also known as a zombie army) is a combination of the words robot and network. The term is usually used with a negative or malicious connotation.

Cybercriminals make money from their botnets in several ways:

  • They may use the botnets themselves to send spam, phishing, or other scams to trick consumers into giving up their hard-earned money. They may also collect information from the bot-infected machines and use it to steal identities and run up loan and purchase charges under the user’s name.
  • They may use their botnets to create denial-of-service (DoS) attacks that flood a legitimate service or network with a crushing volume of traffic. The volume may severely slow down the company’s service or network’s ability to respond or it may entirely overwhelm the company’s service or network and shut them down.

Revenue from DoS attacks comes through extortion (pay or have your site taken down) or through payments by groups interested in inflicting damage to a company or network. These groups include “hacktivists” (hackers with political agendas), as well as foreign military and intelligence organizations.

  • Cybercriminals may also lease their botnets to other criminals who want to send spam, scams, and phishing, steal identities, and attack legitimate websites and networks.

Don’t let your computer become a bot

If you have not installed security software and ensured that it is turned on and kept up-to-date, your machine is likely infected with all kinds of malicious software, including bots. The best protection is to set your anti-virus and anti-spyware programs to automatically update, and to install every patch that your operating system and browser make available.

Even the most up-to-date protection tools cannot protect you from everything; there is still some risk because the developers of malware are always looking for new ways to get around security measures, and there is the risk of infection because of actions you, or another person who used the computer, take.

A common user risk comes through downloading content from unknown sites or from friends who don’t have up-to-date protections. The intent may not be malicious at all, but if content comes from an unprotected computer it may well be infected. By downloading the content you bring the malicious code past your security checkpoints: your security tools can try to clean the malware off your machine, but they have no way of defending against it being downloaded in the first place. Always use extreme caution when downloading information or files from someone whose computer is not protected.

