Member
- Joined
- Oct 11, 2023
- Messages
- 105
- Thread Author
- #1
Have you ever heard of such a concept as a botnet? If not, there is nothing strange about that. For an ordinary Internet user this is normal, because that is precisely what cybercriminals intend. Botnets bring nothing but trouble, so it is better never to encounter them at all.
By any illegal means, their developers manage to hide their activities for decades, earn money from them and do great damage to society.
In this review, we will try to shed light on the most well-known and dangerous malware. We will tell you about the main types and show with examples how much damage they cause. We will also tell you how to protect yourself from them.
According to Vint Cerf, the creator of the TCP/IP protocol, about a quarter of the 600 million computers connected to the Internet around the world may be in botnets. In India, they make up a record number of ~2 million.
What is it
A botnet is a computer network in which every device with Internet access is infected with malware and controlled by a botmaster.
The first botnets began to appear in the 2000s, and their number grew rapidly every year. And for a reason: this is a lucrative and therefore attractive business for hackers. Such malicious computer networks are used in many areas of activity where there is access to the Internet.
How it happens: a bot that is part of a botnet attacks an unprotected device or site and then manages it for its own purposes. This expands the network and creates a new source of attacks. The target can be a personal computer running any OS, a corporate website, or even your brand-new smart vacuum cleaner or kettle.
Botnets are created and used for extortion of funds, theft of personal data, mining, and draining advertising budgets (automated clicking on ads).
Owners of infected devices may not even know that their computer or kettle is already part of a botnet. Fortunately, anti-virus and cybersecurity software developers, banks, and services like BotFaqtor figure them out and develop security programs. And even though various organizations manage to reduce their spread, the fight against them has already turned into a game of cat and mouse. Scammers find loopholes and evade the security systems.
Bots themselves are not viruses. A bot is software, or rather a set that consists or may consist of virus programs, tools for hacking the OS, firewalls, software for intercepting information or remote control of the device.
How botnets work
They don't appear overnight. To build an entire network, they need to reach as many of their victims' computers as possible and turn them into zombies or slaves. To become part of a botnet, a computer is deliberately infected with malware.
There are many effective ways to infect a computer, and hackers keep coming up with more ways to spread malware. The most popular are sending e-mail with a dangerous "stuffing" or reaching the device through vulnerabilities in legitimate software. The user may not be aware of such a neighbor until the "embedder" is detected by the antivirus. The sad thing is that most new networks go unnoticed for a long time.
When the shepherd bot (also called the master bot) gets enough devices or computers into its network, it proceeds to manage them remotely.
Fact: Europol, the FBI and the National Crime Agency of Great Britain were involved in the operation to uncover the network and stop the spread of the Emotet botnet from the Trojan virus family. It was created in 2014 and penetrated Windows PCs of various organizations through phishing emails that included a Word document with a link to download malware.
Who manages them
Botnets are managed by groups of people or by one person. The botmaster sends special commands to individual devices and tells them what to do. These commands can include anything from visiting a website and executing a piece of code to infecting another device on the network.
Often, botnets are rented out to other cybercriminals to perform a number of more resource-intensive tasks.
What is most interesting is that it is very difficult to identify botmasters, and many of them remain anonymous forever. Hackers are adept at hiding their identities.
Kinds
Now let's find out why anyone would want to run an army of computers at all. Why do we need all these botnets? They are in high demand among cybercriminals around the world. Instead of a single computer doing all the work, a whole network of devices located in different parts of the world is used, so it is less likely to be detected.
Each newly converted bot has its own IP address, which makes it difficult to find and block the master. Because these addresses are constantly changing, the software is constantly fighting incoming malicious network traffic.
DDoS
Botnets are widely used for DDoS (Distributed Denial of Service) attacks. This is the most popular option.
This type of attack is used to "kill" a competitor's site or an entire server. Sites may remain unavailable for a long time, and the business therefore suffers serious losses.
But it's not always a direct order. Hackers often blackmail business owners and impose their own conditions on them. If they do not agree and do not pay, the criminals will launch a cyber attack.
Naturally, this is not done for altruistic reasons. Cybercriminals, managers, take a bribe with a per-second payment: for example, a DDoS attack lasting 10,800 seconds will cost the customer ~$20 per hour.
Mining Botnet
In 2009, when Bitcoin was first created, the whole world rushed to generate the new cryptocurrency. But to speed up the process and earn as much as possible, one computer is not enough. So mining through botnets appeared: parasitizing on someone else's device, or rather on the resources of its video card, to generate power and generate digital money.
And there are many such botnets for creating farms. If you look at the cost of one bitcoin, you can conclude that they are quite widely used.
If you start noticing that your computer's performance has increased dramatically, that there is not enough memory for ordinary programs and operations on the PC, and that the computer accelerates like a jet plane, then most likely your video card is no longer (paradoxically) yours: the bot is firmly embedded in the device and eats up power, burning the video card.
Click fraud
Every digital device, whether a computer, tablet, or mobile phone, leaves its own digital footprint. This means that they can be used for clicks on ads. Each click on an ad costs the advertiser money, so by using botnets for click fraud, fraudsters can drain the advertiser's budget by the thousands every month.
Another use of such bots is to register their own sites in Google AdSense and click ads on them. What for? For each user click on the ad, the owner of the partner site receives a commission fee. Imagine how much a fraudster with a whole network in his hands can earn this way. He is in the black, and advertisers are in the red.
Analyze the ratio of clicks to orders and the time spent on the page. Pay attention to the behavior of most users: you may notice signs of robotic page scrolling and similar transitions. Most likely, your budget is simply being drained by bots. Someone makes money on it, and you only lose. For example, if you use Yandex.Direct, then you can put anti-click protection on it. Dummy clicks will be blocked using special algorithms for detecting bots, and bids will be adjusted in your favor.
Email spam
Many have experienced email spam. First you are offered 5000 bitcoins for free, then you have won a million, then your piquant photos have ended up on "one of the devices" and, if you do not pay, they will be posted online. All of these are spam botnets.
How to filter out spam emails: you receive a similar message from one of the mail servers, mark it as "spam" and it is moved to a special folder. In the future, all unsolicited emails from this mail server will be sent to this folder by default.
But if a fraudster has a lot of unique IP addresses at his disposal, then mass sending becomes more successful — most emails simply don't get blacklisted, they are opened by unsuspecting recipients and infect their computer.
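The check the post recommends for ad budgets (compare clicks with orders and look at time spent on the page) can be run over an exported click log. This is an added example, not part of the original post; the log layout, the source names and the thresholds are assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed sample click log: (traffic_source, seconds_on_page, placed_order)
CLICKS = (
    [("search-ads", s, o) for s, o in
     [(74, True), (41, False), (120, False), (95, True), (33, False), (58, False)]]
    + [("partner-site-a", s, False) for s in [2, 1, 2, 3, 2, 1, 2, 48]]
    + [("newsletter", 4, False), ("newsletter", 210, True)]
)

# Assumed thresholds; tune them against your own baseline traffic.
MIN_CLICKS = 5         # do not judge a source on too few clicks
MAX_CONVERSION = 0.01  # orders / clicks at or below this is suspicious
MAX_MEDIAN_DWELL = 5   # median seconds on page at or below this is suspicious
MAX_DWELL_SPREAD = 3   # near-identical dwell times suggest automation


def summarize(clicks):
    """Group clicks by source and compute clicks, orders and dwell-time metrics."""
    by_source = defaultdict(list)
    for source, dwell, ordered in clicks:
        by_source[source].append((dwell, ordered))
    report = {}
    for source, rows in by_source.items():
        dwells = sorted(d for d, _ in rows)
        orders = sum(1 for _, o in rows if o)
        # Spread of the middle half of dwell times, robust to one long visit.
        q1, q3 = dwells[len(dwells) // 4], dwells[(3 * len(dwells)) // 4]
        report[source] = {"clicks": len(rows), "orders": orders,
                          "conversion": orders / len(rows),
                          "median_dwell": median(dwells), "dwell_spread": q3 - q1}
    return report


def suspicious_sources(clicks):
    """Return sources that fail all three checks: conversion, dwell, spread."""
    flagged = []
    for source, m in summarize(clicks).items():
        if m["clicks"] < MIN_CLICKS:
            continue  # too little data to judge, e.g. "newsletter" above
        if (m["conversion"] <= MAX_CONVERSION and m["median_dwell"] <= MAX_MEDIAN_DWELL
                and m["dwell_spread"] <= MAX_DWELL_SPREAD):
            flagged.append(source)
    return sorted(flagged)


if __name__ == "__main__":
    print(suspicious_sources(CLICKS))
```

Requiring all three signals together keeps a source with few orders but normal reading times from being flagged on conversion alone.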