Category

Botnets

botnet
[Figure: Stacheldraht botnet diagram showing a DDoS attack; also an example of a client–server model of a botnet.] A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform distributed denial-of-service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation.
zombie
network-connected computer that has been compromised and is used for malicious tasks without the owner being aware of it
Low Orbit Ion Cannon
open source network stress testing and denial-of-service attack application
October 2016 Dyn cyberattack
large cyberattack that affected Europe and North America in 2016
Mirai
malware that turns computer systems running Linux into remotely controlled "bots"
Zeus
computer Trojan horse
Orbit Downloader
download manager and malware application for Windows
Emotet
Emotet is a malware strain and a cybercrime operation believed to be based in Ukraine. The malware, also known as Heodo, was first detected in 2014 and deemed one of the most prevalent threats of the decade. In 2021, the servers used for Emotet were disrupted through global police action in Germany and Ukraine and brought under the control of law enforcement. Despite this disruption, Emotet resurfaced in subsequent years with new capabilities, continuing to be regarded as one of the Internet’s most persistent and adaptable threats.
Rustock botnet
type of botnet
Storm botnet
computer botnet
Bagle
computer worm
Great Cannon
Chinese cyberweapon attack tool
Sality
Sality is the classification for a family of malicious software (malware) infecting Microsoft Windows system files. Sality was first discovered in 2003 and has advanced into a dynamic, enduring, full-featured form of malicious code. Systems infected with Sality may communicate over a peer-to-peer (P2P) network to form a botnet to relay spam, proxy communications, exfiltrate sensitive data, compromise web servers, and/or coordinate distributed computing tasks to process intensive tasks (e.g., password cracking). Since 2010, certain variants of Sality have also incorporated rootkit functions as
Fast flux
DNS technique for evading origin server fingerprinting
Linux.Wifatch
Linux.Wifatch is an open-source piece of malware which has been noted for not having been used for malicious actions, instead attempting to secure devices from other malware.
Carna botnet
botnet used to census the entire IPv4 internet
ZeroAccess botnet
Windows-platform-based Trojan horse computer malware
Gumblar
Gumblar is a malicious JavaScript trojan horse file that redirects a user's Google searches and then installs rogue security software. Also known as Troj/JSRedir-R, this botnet first appeared in 2009.
Gayfemboy
Gayfemboy is a malware strain that infects corporate electronics, including those from DrayTek, TP-Link, Raisecom, and Cisco, by exploiting CVEs. It has affected companies in Brazil, France, Germany, Israel, Mexico, the United States, Switzerland, and Vietnam, and is impacting sectors such as construction, manufacturing, technology, and media/communications.
Torpig
Torpig, also known as Anserin or Sinowal, is a type of botnet spread by a variety of trojan horses through systems compromised by the Mebroot rootkit, for the purpose of collecting sensitive personal and corporate data such as bank account and credit card information. It targets computers that use Microsoft Windows, recruiting a network of zombies for the botnet. Torpig circumvents antivirus software through the use of rootkit technology and scans the infected system for credentials, accounts and passwords, as well as potentially allowing attackers full access to the computer. It is also purporte
Gameover ZeuS
peer-to-peer botnet