What is botnet, and how do you protect against botnets?

What are botnets

It was 20th September 2016 when the world saw what can a botnet do. Known as Mirai botnet, it brought most of the internet to a standstill. On this day, Mirai botnet was used to perform DDoS attacks on security journalist Brian Krebs’ website, hosting provider OVH and the DNS service provider Dyn. As Dyn provides DNS service to websites like Netflix, Github, Twitter, Reddit, all the sites became non-functional, so you can imagine to what extent it had affected the internet.

So what is botnet?

Botnets are a network of computers running one or more bots using which various types of attack can be performed usually abhorrent ones. You can consider Botnet as your common cold; victims don’t directly realize that they have been infected with a botnet, they can affect almost all the devices connected to the internet, even your smart car and refrigerator. This is usually done by spreading Trojans to devices which are used by hackers to take over the control.

When the user with an infected device, share any file from their system over the internet, like Torrent platform, thousands of unknown people who download the file also get infected. This is how an army of botnet device is created, which is in turn used for the attack. The ease with which a hacker creates such a massive network of bots decisively is what makes them so effective.

Which devices are at risk from botnets?

As always, the devices which are not up to date with the latest firmware or security patch will be the first ones going down. This is common with the systems which are overlooked especially in Schools and business establishments

Such systems, if connected to the internet, can easily be exploited because of all the unpatched vulnerabilities, makes them an easy target where they can be remotely controlled.

So any device that is unused for a prolonged period can start suddenly consuming a lot of bandwidth, power and start behaving peculiarly. Especially, devices that run in the background like security cameras pick up vulnerabilities very easily.

Botnets in action and botnet protection

As botnets are easy money for hackers, they have become a most sought after hacking tool. Even for a tech-savvy person, it is not easy to detect a botnet. Usually, the signs include too many error warnings, very slow or unresponsive browser, but again, it is not necessary that these signs indicate the presence of botnet. There are a lot of internet devices out there that have a buggy UI, which may cause the same issue.

what is a botnet

As we now know the means for us to get compromised, let us see them in detail and prevention as well.

1. Phishing or Spamming botnets

Email is the simplest way to spread malware as the masses very commonly use it. One click to hundreds of spam email sent is all they want; this is how your system becomes susceptible to a botnet.

Using phishing, a hacker a setup a fake Gmail, Netflix, Bank login page and steal your credentials and spread the malicious code further.

Prevention

Most of the services like Gmail, Amazon, etc. provider two-factor authentication using an app that produces code for authentication; this is by far the safest method to secure your account. Avana is a service that will scan all your incoming emails for malware which will protect against phishing and rigged attachments.

2. Keyloggers 

Keyloggers are applications that will be running discreetly on your system monitoring all your keystrokes and sending over to the hacker. A Botnet can install this on hundreds of system under its control.

A hacker can easily filter out keywords like Skrill or Payoneer, and they will have your account login details. It is very likely that a user will use the same credentials on most of the app including their Bank app and just like that they will have access to most of your money

Prevention

The best preventive measure that you can do is using password managers like Dashlane. These types of services are incredibly secure as they encrypt your password and you never have to type them manually on any login page. When you install Dashlane or any similar app, the very first time, you will have to type in the username and password, so instead of using your physical keyboard, use the virtual one. This will save you from any keylogger installed on your system

3. Add-ons

There are a ton of applications out there, but you will never know which one to trust. You can try Googling “Malware removal tool,” and you will see the flood to results that come in. Most of such tool will have malware lurking behind the original software, and when you install it, the malware will also get installed, thus chances of ending up in the bot network increases.

Prevention

Whenever I want to download any software, I make it a point to search for reviews; this is a smart way to know if the application is legit or not. If you do not find any review, do not take a chance of installing it. There are also browsers available keeping security in mind like Duckduckgo, which will not record your data, block advertisements, etc. thus improving the chances of you not getting hacked.

4. Click Fraud

There is the most profitable and straightforward type of hacking; an estimated profit of $20 million is generated each month from this kind of fraud.

A hacker will create a network of bots or simply a botnet and use that for clicking on advertising link which will generate revenue per click.

Prevention

There are automated systems that usually covers this for you, like Google’s fraud prevention system. Other steps that you can undertake is, switching to Facebook/Twitter ads, banning specific locations, and blocking certain IPs that you think are suspicious.

It is also equally important to know how to detect if a botnet already infects you

Use the following websites to check if your IP address is a part of the bot network:

  1. http://botnet.global.sonicwall.com/view
  2. https://checkip.kaspersky.com/

If your IP address is flagged as infected, following the steps below will help you remove yourself from botnet

  1. Reset your router, this might give you a new IP address
  2. Switch to public DNS services like Google, OpenDNS or Cloudflare
  3. Change all the default passwords on devices like routers
  4. Upgrade the firmware on your router or upgrade the router.

As it is rightly said, “Prevention is better than a cure”, you have always to take a keen interest in the security of your internet devices and the best way to do this is going for a VPN service. When you are connected to a VPN network, you are communicating within a secured system which will almost eradicate the chances of getting infected.

Go for the cheapest but one of the best providers out there – LimeVPN

Written By Neha Shelar