What is a Botnet?

You may or may not have heard the term “botnet”, but if you get spam in your inbox it is probably what was used to send at least some of it.

A botnet is a large network of computers under the control of a central authority, which uses that network to keep its true identity hidden. Very often these networks are used to send spam, attempt to infiltrate other computers, spread viruses and malware, and perform attacks against other websites. Whose computers, you ask? Well, maybe yours.

Server log of botnet attempting to send spam through a compromised user account.

The computers listed in the picture are part of a botnet that was recently used to send spam through an e-mail server.  The botnet had been fed the spam message, the username and stolen password of a valid user by the person controlling the network.  That network was then slowly trickling out spam messages to that user’s e-mail provider, properly authenticating as that user the whole time.  This picture shows the failed responses the network was receiving after that password was changed.
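The pattern described above (one account, many source addresses, each sending only a few attempts) can be looked for in a mail server's authentication log. The following is an added example, not part of the original post; the log format, function names and thresholds are assumptions made for illustration, and the sample lines are constructed.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample lines in a simplified, hypothetical auth-log format.
SAMPLE_LOG = """\
2024-05-01T10:00:05 smtp-auth user=alice@example.com ip=203.0.113.5 result=fail
2024-05-01T10:09:41 smtp-auth user=alice@example.com ip=198.51.100.7 result=fail
2024-05-01T10:12:00 smtp-auth user=bob@example.com ip=192.0.2.44 result=ok
2024-05-01T10:21:13 smtp-auth user=alice@example.com ip=192.0.2.10 result=fail
2024-05-01T10:30:52 smtp-auth user=alice@example.com ip=203.0.113.77 result=fail
2024-05-01T10:31:00 queue-runner: unrelated line that the parser skips
2024-05-01T10:44:27 smtp-auth user=alice@example.com ip=198.51.100.200 result=fail
2024-05-01T11:00:01 smtp-auth user=carol@example.com ip=192.0.2.99 result=fail
2024-05-01T11:00:03 smtp-auth user=carol@example.com ip=192.0.2.99 result=fail
2024-05-01T11:00:06 smtp-auth user=carol@example.com ip=192.0.2.99 result=fail
2024-05-01T11:00:09 smtp-auth user=carol@example.com ip=192.0.2.99 result=fail
"""

LINE_RE = re.compile(r"^(\S+) smtp-auth user=(\S+) ip=(\S+) result=(ok|fail)$")

def parse(log_text):
    """Return time-sorted (timestamp, user, ip, result) tuples; skip other lines."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, user, ip, result = m.groups()
            events.append((datetime.fromisoformat(ts), user, ip, result))
    return sorted(events)

def flag_distributed_logins(events, window=timedelta(hours=1), min_ips=4, max_per_ip=3):
    """Accounts hit by >= min_ips low-volume IPs inside one window (thresholds assumed)."""
    flagged = {}
    for user in {e[1] for e in events}:
        hits = [(ts, ip) for ts, u, ip, _ in events if u == user]
        best, start = [], 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            counts = Counter(ip for _, ip in hits[start:end + 1])
            quiet = sorted(ip for ip, n in counts.items() if n <= max_per_ip)
            if len(quiet) > len(best):
                best = quiet
        if len(best) >= min_ips:
            flagged[user] = best
    return flagged
```

On the sample, only the account contacted from five different addresses is flagged; the single host hammering one account is a different pattern and is better caught by an ordinary per-IP failure limit.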

The sad fact is that all of these computers are probably infected with some sort of Malware/Spyware/Virus (crap) that allows them to be controlled from a central point, hiding the true spammer from detection.  Parts of these botnets may not even be what you would term a computer  – they might be network equipment, other servers, even your phone.

Now you might imagine that these devices are neglected equipment full of garbage sitting in some back office, but the sad fact is that they are probably the same computers used to do company bookwork, prepare documents, complete your homework or take care of your online banking. The owner of the computer probably has no idea that it is sending these mail messages; the only hint may be that it is slow or behaves strangely from time to time.

The other unfortunate consequence of a botnet infection is that these computers may be leaking your identity, bank account information and passwords to the person in control. This information is likely to be used later to send spam in your name, drain your bank account or steal your identity.

Is my computer part of a botnet?

While it is impossible to really tell you for sure that your computer has been used in a botnet, there are some sure signs that something is amiss:

  • Slow performance, especially on the internet.
  • You can’t open or load some websites (especially anti-virus or computer update websites).
  • The Internet light on your modem or router is blinking furiously even though you are not using your computer.
  • Your anti-virus or security software will not load, or you cannot install antivirus software.
  • Your computer fails to update.

The secret to keeping your computer out of a botnet?

  • Don’t assume that the manufacturer or software vendor is taking care of you. They might be forced to release fixes for their software, but usually only after the problem has been detected by them and long since exploited. Get decent anti-malware / anti-virus protection.
  • Keep it maintained. If you have any ‘glitches’, slowness or strange behavior, have it looked at by a professional. A once-a-year checkup can go a long way toward ensuring a happy relationship between you, your computer and the Internet.
  • Turn it off. When you’re not using it, why not turn it off? It saves power and money, and also provides less opportunity for your computer to be exploited or serve as part of a problem.