‘Bot,’ is a slang term for ‘robot.’ In this case the term is used to describe a program or piece of software created to perform a task automatically and on command. ‘Malware’ is software designed to infiltrate (infect) a computer system without the owner’s consent. Bots are often included in malware. When a computer has been infected, it becomes by a bot, or Zombie, in that it’s now under the control of its master, rather than the owner of the computer.
Remotely controlled computers can be combined into networks known as ‘botnets’. The people who control botnets are called ‘bot herders’ or ‘botmasters.’ As a botnet adds more infected computers, it becomes more powerful. In early 2010 a botnet called Mariposa was taken down by Spanish authorities, the FBI and several private Internet security firms. The Mariposa network contained 12.7 million computers. Most botnets are not nearly that big, but may contain hundreds of thousands of infected computers. Every one of those infected computers belongs to someone like you, or one of our friends or family.
What is the point of hijacking hundreds of thousands of computers? The bad guy’s goal is to make money. They do that by committing Internet crimes. Hijacking your computer makes it difficult for authorities to trace the crime back to the criminal. Once hijacked, computers are further infected with malware to search for anything of value. Account numbers with passwords and IDs, social security numbers, credit card numbers, are just a few examples. This information has value on the black markets of the Internet.
Botnets can be used for several malicious purposes. First they can be use to sell illegal or counterfeit products by e-mail. Pharmaceuticals and counterfeit watches seem to be hot right now. In other cases the e-mails are intended to drive traffic to an infected website in an attempt to infect as many visitors as possible. The distribution of billions of phishing e-mails daily is another popular use of botnets. The most sophisticate use of botnets is for a cyber attack against a specific website, server, network or even a whole country. In 2007 the country of Estonia was essentially shut down for 3 weeks during a cyber attack.
This is a great quote from Rik Ferguson, a senior security analyst at the Internet security firm Trend Micro. It sums up the situation we’re all facing. “…most non-commercial spam these days is aimed solely to get you to click on a link, even out of curiosity. As soon as you click on that link, you’re infected, most likely to become yet another botnet victim, have your identity and information stolen and go on to participate, all unknowingly in the infection of further victims.”
Billions of dollars are spent annually to protect computers from malware such as viruses, Trojans, worms, etc. More billions are lost to theft and fraud not to mention the cost of repairs, lost productivity and missed business opportunities. Yet there is no end in sight. Malware is created by organized, sophisticated and well-funded criminal gangs. Their goal is to take your money and they’ve found an endless variety of ways to reach that goal. Antiquated laws and a lack of resources hinder the efforts of law enforcement.
To be safe on the Internet you need to know how to protect yourself. Here’s a recent post on Internet Security that can help you get started: http://techteachtoo.com/internet-security/internet-security/ If you find this information useful, you might also like the website http://techteachtoo.com. A free e-mail newsletter is available, or you can subscribe via RSS.
Mail this post
Fri, Jul 16, 2010
Spyware