Kaspersky Internet Security Center

How Botnets Drive the Zombie Apocalypse and Threaten Internet Security


Some threats work alone. Others, like botnets, travel in packs. A combination of the terms "robot" and "network," a botnet is a network of enslaved computers that have been programmed to carry out malicious deeds. The network is controlled through a Command and Control (C&C) server, from which cybercriminals remotely direct the infected machines. Depending on the scale of infection, a botnet may consist of hundreds or millions of compromised computers, which is why this type of threat is so dangerous.

Bots in Action

Botnets are incredibly diverse in the sense that they can be deployed for a broad range of purposes. Some of their most common uses include:

Email Spam: Malicious robot networks are behind most of the spam mail messages that plague email inboxes — as much as 88 percent. While some of the messages are merely annoying, others are harmful because they carry malware with the intent of infecting unsuspecting recipients. In many cases, the malware is designed to enslave more zombie machines to serve in the network.

DDoS Attacks: When distributed denial-of-service (DDoS) attacks strike, botnets are usually the culprit. With a massive army of zombie computers at their disposal, an attacker can take down a single server or an entire network by flooding it with so many requests that it becomes inaccessible to intended users. These attacks have been politically driven on some occasions, but they are also often part of all-out extortion plots that demand cash in exchange for halting the onslaught.

Financial Gain: Suffering a few hours of downtime may seem like a minor inconvenience in comparison to losing millions of dollars after a successful attack. Throughout the years, bots have been leveraged to steal sensitive financial information and the money it protects. One tech-savvy criminal organization used the infamous Citadel Trojan to steal over $500 million from users, according to a federal complaint by software giant Microsoft.

How to Avoid Bot Infection

The botnet epidemic generally thrives in five ways. The following list highlights each of them and explains how to avoid infection.

  1. Email Attachments: As mentioned earlier, computers are often recruited into bot networks through email infections. Because opening an attachment could launch a Trojan or other malicious critter that infects the machine, users should be especially cautious when handling messages from unknown senders.
  2. Web Links: Speaking of malicious software, it is more or less the source of all botnet scandals. Whether it's installed via email attachment or by browsing an infected website, all it takes is a single click to lose control of your system. The Web is a dangerous place, so beware of the links and content you interact with — even when they are shared from seemingly friendly social sites.
  3. Software Downloads: Downloading something from the Web is risky business for the uninformed user. Desirable software in the form of a free media player or video game may also be harboring a concealed Trojan looking to induct your machine into a new zombie army. Be cautious when downloading software as well as any plugins that want to make changes to your system.
  4. Removable Storage: Computer infections are not only contracted via email and Web surfing. They can also be distributed from portable storage devices such as CDs and USB flash drives, where they can be stored and transported like any file. Businesses especially should implement strict policies against using unidentified storage devices on corporate systems.
  5. Lack of Antivirus Software: The best defense against a botnet onslaught is prevention. However, a good antivirus software program can be incredibly useful in the event that you are infected. In addition to detecting and removing known threats, an ideal solution will continually improve through updates that give it consistently reliable protection against the ever-evolving threat landscape.

Botnets are among the most sophisticated and dangerous computer security threats of the modern era. These attacks are launched in strategic fashion, centrally managed by a mastermind system with the power to cripple lone computers and networks alike. A legitimate concern for individuals, corporations and government entities, threats of this magnitude should be avoided at all costs. The symptoms of this infection may go undetected for months, so if you're concerned, take advantage of a free virus scan and make sure you're protected!