Botnet – The Swarm

Is there anything scarier than a swarm of wasps flying towards you? What about a swarm of bots? Let’s talk about botnets.

Botnet

In short? A botnet is a set of software components installed on many computers that are connected to each other in a network.

In detail?

Bot – aka “Zombie”, not exactly a “robot”, but a software component that is installed, usually secretly, on your computer and acts as an intermediary between it and the C&C (Command and Control) server. The most common way to infect a computer and turn it into a bot is through a dedicated trojan.
After the bot is installed on your device, it connects to the C&C server. The bot sends information and receives “orders” defined by the Bot Master. The Bot Master is a user (or an organization) that owns and controls the C&C server.

A botnet is a group of these bots controlled by a particular C&C server. There are many botnets, the most famous of which are Zeus and SpyEye, on the basis of which dozens more were built. Their price can reach thousands of dollars, and the organizations that build them are considered software companies.

There are 4 main Types of Botnets

The Common Botnet

has capabilities such as running a process on the infected computer and retrieving passwords and keystrokes. Often, there will also be the possibility of stealing identification information for websites (form grabber) as well as planting malicious code in a page received from a web server (aka web inject).

Ransomware

a nasty type whose goal is to lock your computer until you transfer a certain amount to the criminal’s account, similar to dealing with hostages and ransom. The lock can range from a screen that blocks any possibility of working with the computer to a sophisticated trojan that encrypts all the files on the disk. The only way to restore them is by a command from the bot master.

RAT

its full name is Remote Access Trojan or Remote Administration Tool, depending on who uses it. A tool that allows full control over the victim’s computer, such as taking screenshots and viewing the camera, browsing files and desktop, planting processes and tasks, controlling the browser and hardware devices, and much more…

DDoSer

the scariest of the bunch. Do you want to make hundreds of computers simultaneously flood a competitor’s server? This is the tool for you. You can send a command to all the bots that will open broken connections to the server you want to take down. For example, this could be a SYN flood attack or sending HTTP requests that cause the web server to leave a session open, thus causing it to reach the connection limit. The main purpose of this type of botnet is to perform Denial of Service (DoS) attacks.
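
On the defending side, both patterns show up in the server's own socket table. The example below is added here and is not from the original article: it parses `ss -tan`-style output and flags a listener whose SYN backlog or connection limit is nearly exhausted. The function names, the 80% threshold, the limits passed in and the sample rows are assumptions constructed for illustration.

```python
"""Flag listeners whose socket table matches the two DoS patterns described above."""
from collections import defaultdict

def summarize(ss_text):
    """Count half-open (SYN-RECV) and open (ESTAB) sockets per local endpoint."""
    stats = defaultdict(lambda: {"half_open": 0, "established": 0, "peers": set()})
    for line in ss_text.splitlines():
        fields = line.split()
        # Data rows of `ss -tan`: State Recv-Q Send-Q Local:Port Peer:Port
        if len(fields) != 5 or fields[0] not in ("SYN-RECV", "ESTAB"):
            continue  # header, LISTEN and other states are ignored
        state, _recvq, _sendq, local, peer = fields
        entry = stats[local]
        entry["half_open" if state == "SYN-RECV" else "established"] += 1
        entry["peers"].add(peer.rsplit(":", 1)[0])  # drop the source port
    return stats

def find_alerts(ss_text, max_conns, backlog):
    """Return (endpoint, reason) pairs. max_conns and backlog are the server's
    configured limits; alerting at 80% of them is an assumed threshold."""
    found = []
    for local, e in sorted(summarize(ss_text).items()):
        if e["half_open"] >= 0.8 * backlog:
            found.append((local, f"SYN backlog nearly full: {e['half_open']}/{backlog} "
                                 f"half-open from {len(e['peers'])} sources"))
        if e["established"] >= 0.8 * max_conns:
            found.append((local, "connection limit nearly reached: "
                                 f"{e['established']}/{max_conns} sessions held open"))
    return found

def build_sample():
    """Constructed `ss -tan`-style text (documentation IP ranges), not captured traffic."""
    rows = ["State Recv-Q Send-Q Local Address:Port Peer Address:Port",
            "LISTEN 0 128 0.0.0.0:443 0.0.0.0:*"]
    # Port 443: 110 unfinished handshakes, each from a different source.
    rows += [f"SYN-RECV 0 0 192.0.2.10:443 198.51.100.{i}:{40000 + i}" for i in range(1, 111)]
    # Port 80: 90 sessions held open by 30 sources, three each.
    rows += [f"ESTAB 0 0 192.0.2.10:80 203.0.113.{i % 30 + 1}:{50000 + i}" for i in range(90)]
    # Port 22: ordinary traffic that must not alert.
    rows += ["ESTAB 0 0 192.0.2.10:22 203.0.113.200:51000"]
    return "\n".join(rows)

if __name__ == "__main__":
    for endpoint, reason in find_alerts(build_sample(), max_conns=100, backlog=128):
        print(endpoint, "-", reason)
```

A high count spread over many distinct sources is what separates a botnet from a single misbehaving client, which is why the source count is reported alongside the totals.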


Afraid? Did you know that Kayran, the Web Application Vulnerability Scanner, can detect vulnerabilities that may leave you exposed to these sorts of attacks?

Stay “Botty”, choose Kayran.
