What is a 'Botnet'

A botnet is a network of internet-connected devices that have been compromised by hackers without the knowledge of their legitimate owners. The operator of a botnet takes control of the targeted computers by using malicious software, after which the computers and devices are used to perform cybercriminal activities such as Distributed Denial of Service (DDoS) attacks, spam emails, and data theft.

A botnet can also be referred to as a network of zombies. A botnet controller is referred to as a botherder.

BREAKING DOWN 'Botnet'

The word botnet is a combination of the words ‘robot’ and ‘network’. A bot is a malicious software script that is programmed to give the botherder control over the computer on which it is installed. The infected computer is then organized with other infected devices into a network which the cybercriminal or botherder can remotely access and manage. The computers that make up a botnet are usually situated all over the world, and a botnet can range from a hundred devices to millions of devices connected to the internet.

Most victims of botnets are home-based computers with weak security protocols and ineffective firewalls. Malware such as Trojans is usually planted on vulnerable websites which, if accessed by an unsecured digital device, can install the malicious program on the computer. Computers can also fall victim to botnets if their users open email attachments that have malware embedded in them. Once the malware has been installed on a device, the bot contacts the herder through a site or server called the Command-and-Control (C&C) server. Most of the time, users don’t know that their computers have been compromised, as the programs are installed silently and remain hidden until called to action by their maker. A herder who has access to the C&C server and has gathered enough devices, or zombies, on the network for the intended attack can send out a single command to the bots now distributed over the world.
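Added example, not part of the original article: although a bot stays hidden from the user, its check-ins with the C&C server are visible on the network, and this sketch flags hosts that contact the same destination at near-constant intervals. The log format, host names, destinations and the assumption that bots check in on a fixed timer are constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample proxy log: "epoch_seconds source_host destination".
SAMPLE_LOG = """\
1000 pc-07 cc.example.invalid
1300 pc-07 cc.example.invalid
1601 pc-07 cc.example.invalid
1899 pc-07 cc.example.invalid
2200 pc-07 cc.example.invalid
2501 pc-07 cc.example.invalid
1040 pc-11 cc.example.invalid
1340 pc-11 cc.example.invalid
1641 pc-11 cc.example.invalid
1940 pc-11 cc.example.invalid
2240 pc-11 cc.example.invalid
1012 pc-03 news.example.org
1020 pc-03 news.example.org
1500 pc-03 news.example.org
1510 pc-03 news.example.org
2900 pc-03 news.example.org
1100 pc-07 mail.example.org
2000 pc-07 mail.example.org
"""

def parse(log_text):
    """Group connection timestamps by (source, destination)."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # skip blank or malformed lines
        seen[(parts[1], parts[2])].append(int(parts[0]))
    return seen

def find_beacons(log_text, min_events=5, max_jitter=0.1):
    """Return (source, destination, mean_gap_seconds) for near-periodic pairs."""
    hits = []
    for (src, dst), times in parse(log_text).items():
        if len(times) < min_events:
            continue  # too few connections to judge regularity
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Low spread relative to the mean gap means timer-driven traffic.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            hits.append((src, dst, round(avg)))
    return sorted(hits)

print(find_beacons(SAMPLE_LOG))
```

Legitimate software such as update checkers also connects on a timer, so a hit is a lead to investigate rather than proof of infection; several hosts beaconing to the same unfamiliar destination is the stronger signal.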

Why Use a Botnet? 

A botnet can be used for different purposes. A botherder may use a botnet to carry out a Distributed Denial of Service (DDoS) attack, in which the zombies send fake requests and traffic to a host of websites. The traffic received by these sites may be too overwhelming to manage, causing the websites to shut down and become inaccessible to their legitimate users. In 2016, a botnet called Mirai was used to attack the server of a domain name provider, Dyn. In this case, the botnet comprised thousands of Internet of Things (IoT) devices such as webcams, cameras, and DVRs that were connected to the internet. Because Dyn was a host to multiple websites like Amazon and Netflix, when its server was compromised, this also affected the operations of the websites it hosted.

A botnet can also be used to carry out ransomware attacks on individuals and businesses. The infiltrated computers can be used to send out massive volumes of spam email with corrupted attachments to thousands of computers. Opening any of these attachments will trigger a ransomware attack in which data is encrypted and locked, and can only be unlocked if the ransom demanded is paid within a specified time period. In 2016, a botnet called Necurs, which hosts over 6 million devices on its network, carried out a ransomware attack on the Hollywood Presbyterian Medical Center. The hospital’s medical records were released after the hospital paid out $17,000 in Bitcoins.

Botnets can be used to steal sensitive information that is stored on computers. Once data is breached and the information is stolen, the herders can sell this information in underground web marketplaces that transact in illegal commodities.

Botherders with an established network of zombies sometimes sell access to their botnets to other cybercriminals. The herder can sell temporary use of or access to the botnet, or can sell it outright for a one-time fee.
