Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Botnet
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===Traditional=== This example illustrates how a botnet is created and used for malicious gain. # A hacker purchases or builds a Trojan and/or exploit kit and uses it to start infecting users' computers, whose payload is a malicious application—the ''bot''. # The ''bot'' instructs the infected PC to connect to a particular command-and-control (C&C) server. (This allows the botmaster to keep logs of how many bots are active and online.) # The botmaster may then use the bots to gather keystrokes or use form grabbing to steal online credentials and may rent out the botnet as DDoS and/or spam as a service or sell the credentials online for a profit. # Depending on the quality and capability of the bots, the value is increased or decreased. Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community.<ref>{{Cite magazine |last=Berinato |first=Scott |date=November 2006 |title=Attack of the Bots |url=https://archive.wired.com/wired/archive/14.11/botnet.html |url-status=dead |archive-url=https://web.archive.org/web/20140714120508/https://archive.wired.com/wired/archive/14.11/botnet.html |archive-date=July 14, 2014 |magazine=[[Wired (magazine)|Wired]]}}</ref> Computers can be co-opted into a botnet when they execute malicious software. This can be accomplished by luring users into making a [[drive-by download]], exploiting [[browser exploit|web browser vulnerabilities]], or by tricking the user into running a [[Trojan horse (computing)|Trojan horse]] program, which may come from an email attachment. This malware will typically install modules that allow the computer to be commanded and controlled by the botnet's operator. After the software is downloaded, it will call home (send a reconnection [[Network packet|packet]]) to the host computer. When the re-connection is made, depending on how it is written, a Trojan may then delete itself or may remain present to update and maintain the modules.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)