Botnets and YOU
It’s nearly Thanksgiving, and nothing puts me more in the spirit of giving thanks than the thought of an enormous, globe-spanning distributed network of computers at my beck and call. This is a lie, though; I don’t have a network like that, and if I did, ‘thanks’ is probably not what I would be giving, and the only thing I would anticipate receiving would be a prison sentence. The kind of network I just described is called a ‘botnet’, and yes, they are generally illegal. I am certainly not condoning the creation of a botnet, but I feel it is important to know about them, since they represent one of the most powerful weapons a malicious ‘hacker’ typically has in their arsenal. Also, as a sort of morbid curiosity, it is difficult to deny the ingenuity of their operation.
There are myriad ways to create a botnet, but the general idea is pretty simple: the ‘bots’ in the ‘botnet’ are simply computers that have been told to report to and/or receive orders from a central location. Basically, they are just a bunch of computers set up with software that allows them all to be controlled by a single computer. This practice in itself is not illegal; the term ‘botnet’ gets its negative connotation from the circumstances surrounding the creation and operation of the vast majority of botnets in existence today.
Most botnets are formed by distributing a piece of malicious software; these are the same kinds of worms, viruses and trojan horses that you’ve likely heard about before. These pieces of software can be very devious, installing themselves and running as a disguised process without the victim ever knowing. That’s the point, though — the victim has to remain completely unaware, otherwise they may take action against the malware. With this in mind, in order to remain stealthy, botnet software will often intentionally use fewer resources and exert less control over a victim’s system than it is actually capable of.
Botnets are used for a variety of things, but most typically for spamming phishing emails, running denial-of-service attacks, and collecting personal data from victims.
Due to their extremely distributed nature, it is difficult to determine the source of a botnet, but that doesn’t mean that individual botnets can’t be identified and tracked. In a certain way, botnets can be a source of fascination and awe. Botnets are given names and sometimes even personalities and are typically ranked by either the number of infected hosts or by their level of impact. Another entertaining facet of botnets is their occasional hostile takeovers, wherein a very savvy individual or group of individuals is able to capture a bot’s software and reverse engineer it in order to procure information that would allow them to seize control of the botnet from its original creator. A bit of internal botnet warfare goes on due to the possibility of these sorts of takeovers, with some botnets possessing the ability to remotely ‘self destruct’ — not literally blow up, but wipe themselves or the systems they are hosted on in order to prevent a reverse-engineering attempt.
There really is a lot to be said about botnets, but I hope that this overview was enough to pique your interest and lead to further investigation. Just be careful, and don’t do anything illegal, of course. Also, have a great Thanksgiving break, you’ve probably earned it.