Your computer does everything you ask: play video games, chat with friends, look at funny pictures of cats on the internet. But sometimes, your computer also does things that you don’t ask. Sometimes your computer is part of a botnet.

A VERY SNEAKY VIRUS

A botnet is a network of infected computers (called zombies) controlled by a botmaster.

It all starts with Patient 0. The botmaster creates a sneaky virus that creeps past the computer’s security system and then installs some malware. First, this allows the zombie to report back to its master through the network. Second, it allows the zombie to receive instructions, so that when the time is right, it can rise up and do the botmaster’s bidding. And third, it tries to spread the infection to other devices on the network.

If your computer becomes a zombie, the virus might leap onto your phone, or your tablet, or even your smartwatch or smart fridge! No networked device is safe.

If you bring an infected phone to school and connect to the wi-fi, the virus can then spread to all your friends’ and teachers’ phones – just like a real zombie plague!

SPREADING THE INFECTION

Sneakiness is crucial for botnets. Once you figure out that your computer has been hijacked, you immediately scrub it clean, and the botmaster loses a minion. So flashy pop-ups probably aren’t a good strategy!

Phishing is a popular hacking technique that was used by the Earthlink Spammer Botnet, among others. The key to successful phishing is to make a spam email look like it comes from a legitimate source: a bank, a school, a doctor’s office. This can trick people into giving their password to a sketchy website, or downloading email attachments that contain malware.

The Mirai botnet, meanwhile, took advantage of home routers and networked security cameras that hadn’t bothered to change their default passwords. And the Reaper botnet took things one step further: it actively searched for software vulnerabilities in devices that hadn’t been properly patched and updated.

There are lots of other hacking techniques, from cookie theft to drive-by downloading. And since we tend to be less suspicious of computers we trust, once the zombie virus has penetrated a network, it can move around more easily.

WHAT CAN YOU DO WITH A HORDE OF ZOMBIES?

Even the strongest person in the world can’t lift a blue whale, bench-press an elephant, or grind a mountain into dust… but maybe a million people working together could. There’s power in numbers!

Spam is a classic use for botnets. If a single computer sends a phishing email to all its contacts, the hacker might get a few nibbles. But if a million computers send phishing emails to all their contacts, the scam catches a lot more people. At its height in 2009, the Cutwail botnet is estimated to have sent 51 million emails a minute. Imagine trying to clear that out of your inbox!

Keyloggers are malware programs that record every keyboard stroke entered on a computer, including e-mails, usernames, passwords, and credit card information. With a million zombies, that’s a lot of stolen data.

In a Distributed Denial-of-Service (DDoS) attack, the botmaster harnesses their minions to spam a website with so many requests that the server gets overwhelmed and temporarily shuts down. It’s the difference between successfully fighting off a single zombie versus facing a shambling horde of millions!

And while a server can always be rebooted, DDoS attacks are dangerous because of the inconvenience they cause. Imagine not being able to reach your school’s website when you need to submit an assignment, or your bank when the monthly rent is due!

Similarly, botnets can be used for Click Fraud. Many websites make money by showing ads, and they earn a few cents each time a user clicks on one. If a savvy botmaster can program their zombies to click on everything in sight, the payout adds up!

Finally, there’s brute-force password cracking. Normally, guessing someone’s password requires solving millions or billions of math problems, and can only be done with a powerful supercomputer. But with a botnet of a million nodes, you only need each zombie to solve a single problem. Suddenly, the impossible is within reach.

VACCINATING AGAINST ZOMBIES

Worried that your computer might be running something sketchy in the background? The biggest sign that your device is a zombie is that it acts like a zombie: it’s slow and shambling. After all, secretly sending spam and cracking passwords means the CPU has less resources for other tasks, like streaming video.

In order to be sure, you need to intercept the zombie’s communications with its botmaster. However, with botnet software becoming increasingly sneaky and complex, only specialized cybercrime-fighting organizations really have the tools to make a diagnosis.

Destroying a zombie, on the other hand, is quite simple! Simply back up all your files and do a factory reset of your device. Going forward, you can then take some anti-zombie precautions while browsing the web:

• • Regularly delete your cookies and browsing history
  • Don’t reuse passwords
  • Avoid sketchy websites and only download files from sources you trust

With more and more devices becoming ‘smart’, it’s also a good idea to make sure everything has a strong password, from speakers to cameras, TVs, watches, and even some fridges and thermometers. If it has a network connection, then it could become part of a botnet.

Finally, keep everything on your computer updated. This includes your operating system, all your software, and most importantly, your anti-virus!

Learn More

Computerphile: Botnets

https://youtu.be/UVFmC178_Vs

Everything You Need to Know about BOTNETs

https://cytelligence.com/everything-you-need-to-know-about-botnets/

The Mirai Botnet Explained

https://www.csoonline.com/article/3258748/the-mirai-botnet-explained-how-teen-scammers-and-cctv-cameras-almost-brought-down-the-internet.html

The Reaper Botnet

https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/

9 of History’s Notable Botnets

https://www.whiteops.com/blog/9-of-the-most-notable-botnets

The Internet is Mostly Bots

https://www.theatlantic.com/technology/archive/2017/01/bots-bots-bots/515043/

There are Zombies in Our Midst

https://www.nsa.gov/News-Features/News-Stories/Article-View/Article/2003785/there-are-zombies-in-our-midst/

2016 is the year of the bots. But what about zombies?

https://www.aberdeen.com/techpro-essentials/2016-year-bots-zombies?

Slow Loris

https://kidscodecs.com/slow-loris-dos-attack/

A Short History of Bots and Robots

https://kidscodecs.com/a-short-history-of-bots-robots/

What is a keylogger?

https://www.malwarebytes.com/keylogger/

Top 5 types of keyloggers

https://softwarelab.org/what-is-a-keylogger/

Five common types of Phishing attacks

https://www.itgovernance.eu/blog/en/the-5-most-common-types-of-phishing-attack

Clickfarms

https://en.wikipedia.org/wiki/Click_farm

What is DDoS?

https://en.wikipedia.org/wiki/Denial-of-service_attack