I wrote about DDoS attacks a few days ago. The power of a DDoS attack is directly proportional to the number of bots (compromised systems) that attackers have access to. So it is really necessary that we find out whether our devices are controlled by hackers. Hackers may also have been stealing your private information by making your computer their slave. In this article, we will talk about what a botnet is, why it is dangerous and how to stay safe.
What is a Botnet?
In simple terms, a network of infected devices is called a botnet. These infected devices can communicate with each other without the knowledge of the device owner. For example, when malware (a virus) infects your computer, the malware can send information about you to other infected computers, and you won’t have a clue. These infected computers, called “bots”, then connect with each other to form a botnet.
Once a botnet is formed, the malware maker (hacker) can remotely control all the devices in the network. Since the device owners won’t know about the activities of their computers (once they are in a botnet), devices in the botnet are sometimes referred to as zombie computers.
How is a botnet created?
First of all, an attacker creates or buys an exploit kit. Then, with the help of these tools, they infect your computer with malware. After that, the malware does all the work: it connects with the malware on other infected devices by logging in to a command-and-control (C&C) server. This way, depending on the quality and capability of the bot (malware), the bot can create a large or a small botnet. A famous bot these days is Mirai, which targets IoT devices.
Why is a botnet dangerous?
Because, first of all, anyone with a little computer knowledge can create a botnet in 15 minutes. And botnets can be used for the following malicious activities.
- The master of a botnet can use the network to send millions of spam emails in seconds.
- Botnets are an essential part of making a strong DDoS attack: making websites unavailable by flooding them with fake traffic.
- Steal the credentials (username, password) stored on the infected computer. If your computer is part of a botnet, your private data is under threat.
- Use the resources of infected devices for brute-force attacks (for cracking passwords).
Since botnets are like robot warriors that can spread like a virus, hackers can use them for their deeds and not even get caught. So we, the device owners, must take safety measures to prevent our devices from being infected (if they are not already infected).
Signs that your computer may be already infected:
- Your computer is becoming slower.
- You get weird error messages on your computer.
- Your computer crashes more often.
- Task Manager shows various unidentified programs running.
- Ads are displayed even when you are not running a browser.
- You see posts that you didn’t post on your social media timeline.
- Your email contacts receive emails from you that you didn’t send.
- You cannot download or run antivirus software.
- Your computer’s fan seems to be kicking in even when the system is idle.
How to prevent your computer from being a zombie?
- Always check for services running on your computer using Task Manager. If you see any unwanted or suspicious services that are running, disable them.
- Update your anti-virus regularly (if you are using one).
- Change the password of your router and other devices regularly.
- Some malware can hide from normal anti-virus software, so download and run a rootkit detection tool to be sure.
- Do not download or click on pop-up ads. Ignore them!
- When you are installing software, be sure to check whether other software is also being installed with it.
- Do not open email attachments from unknown sources.
- If you are already infected, it is better to wipe your computer. And then scan your device with anti-virus software.
- Finally, monitor your internet activity using a firewall.
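The first and last tips (checking what is running and monitoring internet activity) can be combined by matching network connections to the programs that own them. The following is an added example, not part of the original article: it parses constructed samples of Windows `netstat -ano` and `tasklist /fo csv /nh` output and flags any process that talks to many different hosts on a port tied to the abuses listed above (spam, brute force). The watch list, the threshold and all sample data are assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample of `netstat -ano` output (Windows); not real data.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.10:49701     203.0.113.5:443        ESTABLISHED     1180
  TCP    192.168.1.10:49702     198.51.100.7:25        ESTABLISHED     4312
  TCP    192.168.1.10:49703     198.51.100.8:25        SYN_SENT        4312
  TCP    192.168.1.10:49704     198.51.100.9:25        ESTABLISHED     4312
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       900
"""
# Constructed sample of `tasklist /fo csv /nh` output (name, PID, ...).
TASKLIST = '''"chrome.exe","1180","Console","1","210,000 K"
"svch0st.exe","4312","Console","1","8,120 K"
"svchost.exe","900","Services","0","9,000 K"
'''
# Assumed watch list: ports linked to the activities the article lists.
WATCH_PORTS = {25: "SMTP (spam)", 22: "SSH (brute force)", 23: "Telnet (brute force)"}

def process_names(tasklist_csv):
    """Map PID -> image name from tasklist CSV output."""
    return {int(row[1]): row[0] for row in csv.reader(io.StringIO(tasklist_csv)) if row}

def outbound_by_pid(netstat_text):
    """Map PID -> remote port -> set of remote hosts for active outbound TCP."""
    seen = defaultdict(lambda: defaultdict(set))
    for line in netstat_text.splitlines():
        f = line.split()
        # Skips the header, UDP rows (no state column) and listening sockets.
        if len(f) != 5 or f[0] != "TCP" or f[3] not in ("ESTABLISHED", "SYN_SENT"):
            continue
        host, _, port = f[2].rpartition(":")
        seen[int(f[4])][int(port)].add(host)
    return seen

def suspicious(netstat_text, tasklist_csv, min_hosts=3):
    """Return (name, pid, port, host_count) for fan-out on watched ports."""
    names = process_names(tasklist_csv)
    hits = []
    for pid, ports in outbound_by_pid(netstat_text).items():
        for port, hosts in ports.items():
            if port in WATCH_PORTS and len(hosts) >= min_hosts:
                hits.append((names.get(pid, "unknown"), pid, port, len(hosts)))
    return sorted(hits)

if __name__ == "__main__":
    for name, pid, port, n in suspicious(NETSTAT, TASKLIST):
        print(f"{name} (PID {pid}): {n} hosts on port {port}, {WATCH_PORTS[port]}")
```

To check a real machine, replace the two sample strings with the saved output of `netstat -ano` and `tasklist /fo csv /nh`; a hit is a reason to look closer at that process, not proof of infection.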