Sometimes commands come from a central server, though more often now botnets have a distributed architecture that makes their controllers harder to track down. Once the PC is compromised, the controller - known as a bot herder - issues commands via IRC or other tools. PCs could be captured either through unprotected network ports or via trojans or other malware, often spread by spam, that would open backdoors attackers could access. Traditionally, botnets are created by compromising home PCs, which often had a number of vulnerabilities. Another common use - and the one the Mirai botnet served - is as foot soldiers in a DDoS attack, in which a target server is simply bombarded with web traffic until it's overwhelmed and knocked offline. The very first botnet was built in 2001 to send spam, and that's still a common use: because the unwanted messages are being sent from so many different computers, they're hard for spam filters to block. Because there are many bots, the controllers basically have access to a sort of hacked-together supercomputer that they can use for nefarious purposes, and because the bots are distributed over various parts of the internet, that supercomputer can be hard to stop.
0 Comments
Leave a Reply. |