Saturday, March 20, 2010

Bots and Botnets—A Growing Threat


Bots are one of the most sophisticated and popular types of cybercrime today. They allow hackers to take control of many computers at a time, and turn them into "zombie" computers, which operate as part of a powerful "botnet" to spread viruses, generate spam, and commit other types of online crime and fraud.

What is a Bot?
A "bot" is a type of malware that allows an attacker to take control over an affected computer. Also known as “Web robots”, bots are usually part of a network of infected machines, known as a “botnet”, which is typically made up of victim machines that stretch across the globe

Since a bot infected computer does the bidding of its master, many people refer to these victim machines as “zombies.” The cybercriminals that control these bots are called botherders or botmasters.

Some botnets might have a few hundred or a couple thousand computers, but others have tens and even hundreds of thousands of zombies at their disposal. Many of these computers are infected without their owners' knowledge. Some possible warning signs? A bot might cause your computer to slow down, display mysterious messages, or even crash.


How Bots Work
Bots sneak onto a person’s computer in many ways. Bots often spread themselves across the Internet by searching for vulnerable, unprotected computers to infect. When they find an exposed computer, they quickly infect the machine and then report back to their master. Their goal is then to stay hidden until they are instructed to carry out a task.

After a computer is taken over by a bot, it can be used to carry out a variety of automated tasks, including the following:


Sending Stealing DoS (Denial of Service) Clickfraud
They send
- spam
- viruses
- spyware They steal personal and private information and communicate it back to

the malicious user:
- credit card numbers
- bank credentials
- other sensitive personal information Launching denial of service (DoS) attacks against a specified target. Cybercriminals extort money from Web site owners, in exchange for regaining control of the compromised sites.

More commonly, however, the systems of everyday users are the targets of these attacks -- for the simple thrill of the botherder. Fraudsters use bots to boost Web advertising billings by automatically clicking on Internet ads.

No comments: