Botnet – The Swarm

There is nothing scarier than a swarm of wasps flying towards you, right? What about a swarm of bots? Let’s talk about botnets.

Botnet

In short? A botnet is a set of software programs installed on many computers that are connected to each other in a network.

In detail?

Bot – aka “Zombie”, not exactly a “robot”, but a software component that is installed, usually secretly, on your computer and acts as an intermediary between it and the C&C (Command and Control) server. The most common way to infect a computer and turn it into a bot is through a dedicated trojan.
Once the bot is installed on your device, it connects to the C&C server. The bot sends information and receives “orders” defined by the Bot Master. The Bot Master is a user (or an organization) that owns and controls the C&C server.

A botnet is a number of these bots controlled by a particular C&C server. There are many botnets, the most famous of which are Zeus and SpyEye, on the basis of which dozens more were built. Their price can reach thousands of dollars, and the organizations that build them are considered software companies.

There are 4 main types of botnets

The Common Botnet –

has capabilities such as running a process on the infected computer and retrieving passwords and keystrokes. Often, it can also steal identification information for websites (form grabber) and plant malicious code in a page received from a web server (aka web inject).

Ransomware –

a nasty type whose goal is to lock your computer until you transfer a certain amount to the criminal’s account, similar to dealing with hostages and ransom. The lock can range from a screen that blocks any possibility of working with the computer to a sophisticated trojan that encrypts all the files on the disk. The only way to restore them is by a command from the bot master.

RAT –

its full name is Remote Access Trojan or Remote Administration Tool, depending on who uses it. It is a tool that allows full control over the victim’s computer, such as taking screenshots and viewing the camera, browsing files and the desktop, planting processes and tasks, controlling the browser and hardware devices, and much more…

DDoSer –

the scariest of the bunch. Do you want to make hundreds of computers simultaneously flood a competitor’s server? This is the tool for you. You can send a command to all the bots that will open broken connections to the server you want to take down. For example, this could be a SYN flood attack or sending HTTP requests that cause the web server to leave a session open, thus causing it to reach the connection limit. The main purpose of this type of Botnet is to perform Denial of Service attacks (DoS).
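
A defender's view of the SYN flood case above, as an added example that is not part of the original post: it counts half-open connections in a constructed `netstat -ant` style snapshot and compares them with the server's connection queue. The addresses, thresholds, queue size and function names are assumptions made for the illustration.

```python
from collections import Counter

def build_sample():
    """Constructed snapshot in the column layout of Linux `netstat -ant`."""
    rows = ["tcp 0 0 203.0.113.10:443 198.51.100.20:51000 ESTABLISHED"]
    # One noisy host holding 30 half-open connections to port 80.
    rows += [f"tcp 0 0 203.0.113.10:80 198.51.100.7:{40000 + i} SYN_RECV"
             for i in range(30)]
    # A swarm: 100 hosts with only 2 half-open connections each.
    rows += [f"tcp 0 0 203.0.113.10:80 192.0.2.{h}:{50000 + p} SYN_RECV"
             for h in range(1, 101) for p in range(2)]
    return "\n".join(rows)

def half_open_by_source(snapshot, port):
    """Count SYN_RECV sockets (handshake never completed) per remote IP."""
    counts = Counter()
    for line in snapshot.splitlines():
        f = line.split()
        if len(f) != 6 or not f[0].startswith("tcp") or f[5] != "SYN_RECV":
            continue
        if f[3].rsplit(":", 1)[-1] != str(port):
            continue
        counts[f[4].rsplit(":", 1)[0]] += 1
    return counts

def assess(snapshot, port, backlog=256, per_ip_limit=20, fill_alert=0.75):
    """backlog is an assumed SYN queue size; on Linux the real value comes
    from net.ipv4.tcp_max_syn_backlog and the listener's own backlog."""
    counts = half_open_by_source(snapshot, port)
    total = sum(counts.values())
    noisy = sorted(ip for ip, n in counts.items() if n > per_ip_limit)
    # Half-open sockets left over if every noisy source were blocked.
    residual = total - sum(counts[ip] for ip in noisy)
    return {
        "total_half_open": total,
        "sources": len(counts),
        "noisy_sources": noisy,
        "backlog_fill": round(total / backlog, 2),
        # True when the queue is still nearly full without the noisy hosts:
        # the pressure comes from many quiet sources, not one loud one.
        "distributed": residual / backlog >= fill_alert,
    }

if __name__ == "__main__":
    print(assess(build_sample(), port=80))
```

A per-source limit flags only 198.51.100.7 in this sample; the other 100 sources stay under it yet still fill most of the queue, which is why the total is tracked alongside the per-source counts.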


Afraid? Did you know that Cytrix, the Web Application Vulnerability Scanner, can detect vulnerabilities that may leave you exposed to these sorts of attacks?

Stay “Botty”, choose Cytrix.
