What is a botnet?
First of all, we need to understand what a botnet or zombie network is. A botnet is a network of computers made up of machines infected with a malicious backdoor program. The backdoor enables cybercriminals to remotely control the infected computers (which may mean controlling an individual machine, some of the computers making up the network or the entire network).
Malicious backdoor programs that are specifically designed for use in creating botnets are called bots. Botnets have vast computing power. They are used as a powerful cyber weapon and are an effective tool for making money illegally. The owner of a botnet can control the computers which form the network from anywhere in the world – from another city, country or even another continent. Importantly, the Internet is structured in such a way that a botnet can be controlled anonymously.
Computers infected with a bot can be controlled either directly or indirectly. When bots are controlled directly, the cybercriminal establishes a connection with an infected computer and manages it by using commands built into the bot program. In the case of indirect control, the bot connects to the control center or other machines on the network, sends a request and then performs the command which is returned.
The owner of an infected machine usually does not even suspect that the computer is being used by cybercriminals. This is why computers infected with bot malware and which are surreptitiously controlled by cybercriminals are also called zombies. The networks formed from infected machines can be called zombie networks. Most zombie machines are home users' PCs.
How are botnets used?
Botnets can be used by cybercriminals to conduct a wide range of criminal activity, from sending spam to attacking government networks.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.