Here’s What You Need To Know About Botnets

By on

In the year of 2000, Professor Vijay Pande, a renowned Stanford University researcher, released a little program that, when downloaded by a user, would simulate how protein molecules fold—a necessary and important part of drug research. But protein folding is a complicated process, requiring a lot of computing power to do the simplest of recreations. Pande’s program, however, distributed that computing burden among thousands of personal computers. All of the sudden, researchers had a cheap way of doing expensive research.

Pande, in essence, created a botnet.

A botnet is a network of personal computers working together to accomplish a given task. The term botnet is used because these automated programs, called robots or “bots” are spread across a network of computers. These computers are often controlled through a server—a computer acting as a communication resource for other devices. In the case of botnets, this server is often called a command and control server. It is central to running and maintaining a botnet.

On their own, individual bots are fairly weak programs. In aggregate, however, botnets can be very powerful. And very damaging.

Unscrupulous characters often use botnets to power a variety of illegal projects. Denial-of-Service Attacks (DoS), where infected computers flood a webpage with traffic to knock it offline, are one common use of botnets. These attacks can, and do, cost businesses millions of dollars in losses in a short period of time. Malicious botnets are also used to distribute viruses, steal passwords and propagate spam. Botnets, for the most part, are effective, cheap ways for cybercriminals to compel computers to do bad things.

We recently worked with the United States Department of Justice and other security firms to take down a botnet named “Gameover Zeus.” Gameover Zeus stole personal information like bank account passwords and usernames. The botnet was also used to distribute Cryptolocker—a type of malicious program called “ransomware.” Ransomware essentially holds a computer hostage until its owner pays a ransom to the cybercriminal.

In its press release, the Department of Justice estimated that Gameover Zeus and Cryptolocker caused more than $100 million and $27 million in damages, respectively. The botnet’s creator, identified as Evgeniy Mikhailovich Bogachev, is now wanted by the Federal Bureau of Investigation.

So yes. Botnets can be very bad. They can also be very good. Professor Pande’s program, Folding at Home, has helped researchers better understand diseases like Alzheimer’s and Huntington’s—which in turn will help develop treatments. The critical difference here, other than intent, is consent. Participants in Folding at Home knowingly download the program in order to help it achieve its end goal: better medical treatments. Botnets, however, rob victims of that consent and exploit this robbery further by stealing and selling personal information.

So what can you do to protect yourself from botnets? Well, thankfully, there are a few steps you can take:

  • Always use a comprehensive security solution. Comprehensive security solutions, like McAfee LiveSafe™ service, are critical in detecting and deterring the programs that make botnets possible. By preventing unwanted access to your computer, you can help to stunt the spread of botnets.
  • Keep your software up to date. Always update your devices. Software updates include more than just the latest features—they also include the latest security fixes. When you update, you’re protecting yourself from cybercriminals who want to use your computer against you and others.
  • Watch where you browse. The Internet can be a dangerous place. Browser-based exploits found on compromised websites can inject malicious code onto your computer. Keystrokes, passwords and other personal information like credit card data can be recorded and shipped to servers across the globe. The best way to prevent these exploits from taking advantage of you and your computer is to stay on safe websites. Do this by sticking to websites you know and those sites that appear on the first few pages of search results.

And, of course, stay on top of the latest consumer and mobile security threats by following @McAfee_Home and myself on Twitter and Like us on Facebook.

GaryNasdaq_NCSA_Conference_panel small

 

Categories: Consumer Threat Notices
Tags: ,

Leave a Comment

Similar articles

Holiday stress. Every year, come November, my resting heart rate starts to rise: the festive season is approaching. Not only is there so much to do but there’s so much to spend money on. There are presents to purchase, feasts to prepare and party outfits to buy. Throw in a holiday to fill the long ...
Read Blog
Cryptocurrency mining is the way transactions are verified and added to the public ledger, a database of all the transactions made around a particular piece of cryptocurrency. Cryptocurrency miners compile all of these transactions into blocks and try to solve complicated mathematical problems to compete with other miners for bitcoins. To do this, miners need ...
Read Blog
The authors thank their colleagues Oliver Devane and Deepak Setty for their help with this analysis. McAfee Labs researchers have discovered new Russian malware, dubbed WebCobra, which harnesses victims’ computing power to mine for cryptocurrencies. Coin mining malware is difficult to detect. Once a machine is compromised, a malicious app runs silently in the background ...
Read Blog