What is a 'Botnet'

A botnet is a network of internet-connected devices that have been compromised by hackers without the knowledge of their legitimate owners. The devices are brought under control using malicious software, after which they are used to perform cybercriminal activities such as Distributed Denial of Service (DDoS) attacks, spam emails, and data theft.

The devices in a botnet can also be referred to as zombies. A botnet controller is referred to as a botherder.


The word botnet is a combination of the words ‘robot’ and ‘network’. A bot is a malicious software script that is programmed to give the botherder control over a computer on which it is installed. The infected computer and other infected devices are then organized into a network that the cybercriminal or botherder can remotely access and manage. The computers that make up a botnet are usually situated all over the world, and a botnet can range from a hundred devices to millions of devices connected to the internet.

Most victims of botnets are home-based computers with weak security protocols and ineffective firewalls. Malware like Trojan viruses is usually hosted on vulnerable websites which, if accessed by an unsecured digital device, can install the malicious program on the computer. Computers can also fall victim to botnets if their users open email attachments that have malware embedded in them. Once the malware has been installed on a device, the bot contacts the herder through a site or server called the Command-and-Control (C&C) server. Most of the time, users don’t know that their computers have been compromised, as the programs install silently and remain hidden until called to action by their maker. A herder who has access to the C&C server and has gathered enough devices or zombies on the network for the intended attack can send out a single command to the bots now distributed over the world.
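The hidden check-in to the C&C server described above is one of the few signals a defender can see on the network. The following is an added example, not part of the original article: it assumes bots contact their C&C server at roughly fixed intervals and flags internal hosts whose connections to one destination are evenly spaced. All hosts, domain names and timestamps are constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flow records: (unix_seconds, internal_host, destination).
C2 = "c2.example.invalid"  # placeholder name, not a real indicator
SAMPLE_FLOWS = (
    [(t, "10.0.0.5", C2) for t in (0, 300, 601, 899, 1200, 1502)]
    + [(t, "10.0.0.9", C2) for t in (40, 340, 640, 941, 1240, 1540)]
    # Human browsing: same host, irregular gaps.
    + [(t, "10.0.0.5", "news.example") for t in (10, 15, 200, 230, 900, 1400)]
    # Too few events to judge either way.
    + [(t, "10.0.0.7", "updates.example") for t in (0, 300, 600)]
)


def find_beacons(flows, min_events=5, max_jitter=0.1):
    """Return {(host, dest): mean_gap_seconds} for evenly spaced check-ins."""
    stamps = defaultdict(list)
    for ts, host, dest in flows:
        stamps[(host, dest)].append(ts)
    beacons = {}
    for pair, times in stamps.items():
        if len(times) < min_events:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Coefficient of variation: low means machine-like regularity.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            beacons[pair] = avg
    return beacons


def shared_destinations(beacons, min_hosts=2):
    """Destinations that several hosts beacon to: candidate C&C servers."""
    hosts = defaultdict(set)
    for host, dest in beacons:
        hosts[dest].add(host)
    return {d: sorted(h) for d, h in hosts.items() if len(h) >= min_hosts}


if __name__ == "__main__":
    found = find_beacons(SAMPLE_FLOWS)
    for (host, dest), gap in sorted(found.items()):
        print(f"{host} -> {dest} every ~{gap:.0f}s")
    print("candidate C&C:", shared_destinations(found))
```

Legitimate software such as update checkers also connects on a schedule, so a flagged destination is a lead for investigation, not proof of infection.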

Why Use a Botnet? 

A botnet can be used for different reasons. A botherder may use a botnet to carry out a Distributed Denial of Service (DDoS) attack, in which the zombies send fake requests and traffic to a host of websites. The traffic received by these sites may be too overwhelming to manage, causing the websites to shut down and become inaccessible to their legitimate users. In 2016, a botnet called Mirai was used to attack the server of a domain name provider, Dyn. In this case, the botnet was composed of thousands of Internet of Things (IoT) devices such as webcams, cameras, and DVRs that were connected to the internet. Because Dyn was a host to multiple websites like Amazon and Netflix, when its server was compromised, the operations of the websites it hosted were also affected.

A botnet can also be used to carry out ransomware attacks on individuals and businesses. The infiltrated computers can be used to send out massive volumes of spam email with malicious attachments to thousands of computers. Opening any of these attachments will trigger a ransomware attack in which data is encrypted and locked, and can only be unlocked if the ransom demanded is paid within a specified time period. In 2016, a botnet called Necurs, which hosts over 6 million devices on its network, carried out a ransomware attack on the Hollywood Presbyterian Medical Center. The hospital’s medical records were released after the hospital paid out $17,000 in Bitcoins.

Botnets can be used to steal sensitive information that is stored on computers. Once data is breached and the information is stolen, the herders can sell this information in underground web marketplaces that transact in illegal commodities.

Botherders with an established network of zombies sometimes sell access to their botnets to other cybercriminals. The herder can sell temporary access to the botnet, or sell it outright for a one-time fee.
