Kesar Tech


Friday, 29 April 2011

Understanding Hidden Threats: Botnets

Posted on 19:39 by Unknown
As a follow-up to my previous post, How To Prevent Your PC From Becoming a Zombie, here is an explanation of some of the terms used.
You may or may not have heard of botnets. Even with all of the references to them in the news these days, it's not easy to gain a clear understanding of what they are, and how they might be affecting you. Keep reading to set the facts on botnets straight.



What is a botnet?
A botnet is a network of compromised, or infected, computers that hackers have commandeered. PCs that are part of a botnet are often referred to simply as "bots".
Botnets are part of the multilayered and profitable crimeware industry, where the initial step is to infect and take control of a targeted computer. PCs in a botnet are under the remote command and control of hackers. As part of that, hackers can take advantage of all of the resources on a machine (from personal information to bandwidth), and use it to perform malicious tasks under remote direction - all to carry out their criminal intentions.

What is a zombie computer?
A zombie computer is a system that has been infected and taken over remotely by cyber criminals. A collection of zombie computers makes up a botnet.

What are botnets used for?
Botnets are controlled remotely by hackers to distribute spam, viruses, and theft schemes - and to hijack additional computers. The main motivation behind botnets, in recent years, is monetary gain for cyber criminals. Once a machine is compromised, cyber criminals have complete access to it; they are able to load software onto it, or pull information off of it.

Bot herders, the hackers who control botnets, can instruct thousands of computers to follow their orders, whether it's to propagate spam messages, launch fraud schemes or to issue denial of service attacks, targeting certain, often high-profile, websites in order to make them unavailable to users. Once bot herders compile a group of compromised machines, they can sell it to fraudsters who are then capable of using the exploited machines for identity and data theft.

How do I know if my computer is part of a botnet?
Most owners of compromised PCs are unwitting victims, never realizing that they have allowed unauthorized access to their computers. Machines are infected without the knowledge of the computer user; usually access to the system is gained through a virus, worm, or Trojan. The symptoms of infection are generally very subtle and are not immediately apparent to the average computer user without using special tools. Still, there are telltale signs and symptoms which may indicate a problem.

• A slow computer
The most apparent sign, according to the analysts at Lavasoft Malware Labs, is "slow computer" syndrome: your Internet connection becomes strangely sluggish, or your PC gets slower as you run a few programs on it simultaneously. (However, users should note that this can also be caused by other types of malware, as well as other PC problems.)

• Accused of sending spam
Being accused of sending spam is a sign that your system is infected and is part of a spam bot.

• Detecting malware responsible for bots
Running an anti-spyware and anti-virus program lets the security software root out an infection and classify it as a bot.

• An unknown or suspicious process is running in the background on your PC
If you use a firewall to monitor network traffic, the program will allow you to spot suspicious traffic on your PC.


For more technically oriented computer users, bot activity can be discovered through packet sniffer tools and knowledge about different protocols, ports, the Windows Registry, processes and TCP/IP. This includes:

• Large amounts of network traffic
Bots often connect to remote servers; they may use a questionable amount of bandwidth and cause network traffic even if you are not online.

• IRC Traffic
Internet Relay Chat (IRC) is a type of real-time Internet messaging, designed mainly for group discussion forums. IRC bots connect to IRC as a client, performing automated functions but appearing to be another IRC user.

• SMTP Traffic
Simple Mail Transfer Protocol (SMTP) is an Internet standard for e-mail across IP networks. Bots may use a built-in SMTP engine to send spam to other users.

• Open Ports
Open ports allow applications to multitask and use different protocols at the same time. All computer devices on a network need a channel to allow them to communicate with each other. Bots may search for open ports to be able to start a synchronization or communication.
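
The four network signs listed above (traffic volume, IRC traffic, SMTP traffic, open ports) can be checked mechanically against a list of a PC's connections. The Python below is an added example, not part of the original post; the record format, process names, listener baseline and thresholds are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed sample records (not a real capture), one connection per line:
# state  local_addr  remote_addr  bytes_sent  process   (all names hypothetical)
SAMPLE = """\
ESTABLISHED 192.168.1.20:49152 198.51.100.7:6667 1200 updater.exe
ESTABLISHED 192.168.1.20:49153 203.0.113.10:25 48000 updater.exe
ESTABLISHED 192.168.1.20:49154 203.0.113.11:25 51000 updater.exe
ESTABLISHED 192.168.1.20:49155 203.0.113.12:25 47000 updater.exe
ESTABLISHED 192.168.1.20:49160 192.0.2.80:443 9000 browser.exe
LISTEN 0.0.0.0:135 0.0.0.0:0 0 svchost.exe
LISTEN 0.0.0.0:31337 0.0.0.0:0 0 updater.exe
"""

IRC_PORTS = set(range(6660, 6670)) | {6697}  # common IRC ports, plain and TLS
SMTP_PORT = 25
EXPECTED_LISTEN = {135, 139, 445}  # assumption: this PC's known-good listeners
SMTP_PEER_LIMIT = 2                # assumption: a desktop uses 1-2 mail servers
BYTES_LIMIT = 100_000              # assumption: per-process outbound budget

def split_addr(addr):
    host, port = addr.rsplit(":", 1)
    return host, int(port)

def find_indicators(text):
    """Return (indicator, process, detail) tuples for the four signs above."""
    findings, smtp_peers, sent = [], defaultdict(set), defaultdict(int)
    for line in text.splitlines():
        if not line.strip():
            continue
        state, local, remote, nbytes, proc = line.split()
        if state == "LISTEN":  # open port: compare against the baseline
            lport = split_addr(local)[1]
            if lport not in EXPECTED_LISTEN:
                findings.append(("unexpected-listener", proc, lport))
            continue
        rhost, rport = split_addr(remote)
        sent[proc] += int(nbytes)
        if rport in IRC_PORTS:  # IRC client traffic from a desktop process
            findings.append(("irc-traffic", proc, rhost))
        if rport == SMTP_PORT:  # collect distinct mail servers per process
            smtp_peers[proc].add(rhost)
    for proc, peers in smtp_peers.items():
        if len(peers) > SMTP_PEER_LIMIT:  # many mail servers: spam engine sign
            findings.append(("smtp-fanout", proc, len(peers)))
    for proc, total in sent.items():
        if total > BYTES_LIMIT:  # large amounts of outbound traffic
            findings.append(("high-volume", proc, total))
    return findings
```

On the constructed sample, all four findings point at the same process, while the browser's single HTTPS connection and the baseline listener on port 135 produce none.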