Botnet
A network of compromised devices controlled remotely by an attacker, typically used for DDoS, spam, or credential theft.
A botnet is a collection of internet-connected hosts (PCs, servers, routers, IoT devices) infected with malware that lets a remote operator control them as a unit. Botnets are used to launch DDoS attacks, send spam, mine cryptocurrency, brute-force credentials, and proxy malicious traffic. Each infected host (a bot or zombie) periodically calls home to a command-and-control server for instructions. Tracking the C2 channels (DNS queries, HTTPS beacons, peer-to-peer overlays) is one of the main ways security researchers identify and disrupt botnets.
Reference
Related terms
Referenced on
- Complete Guide to DNS Attacks and DNS Security (Prevention, Testing & Mitigation)
- DNS Root Servers Explained: The 13 Servers That Run the Internet
- DNS Water Torture Attack: How Random Subdomain Floods Overwhelm Nameservers
- Email Blacklist Checker
- Fast Flux DNS: How Botnets Hide Behind Rapidly Rotating IP Addresses
- How to Contact Law Enforcement About Cybercrime: Filing Reports With FBI IC3, Europol, and National CERTs
- How to Identify and Manage Web Crawlers: A Sysadmin's Guide to robots.txt, AI Bots, and SEO Crawlers
- How to Report a DDoS Attack to Your ISP: Evidence, Templates, and Escalation Steps
- How to Report a Hacked Server: Filing Abuse Reports After a Compromise
- How to Report IP Address Abuse: The Complete Guide to Filing Reports That Get Results
- How to Report Malware and Botnet Command-and-Control Traffic From an IP Address
- How to Report Network Security Incidents to a CERT Team: Templates for Vulnerability Exploitation and Intrusions
- How to Report Port Scanning and Network Reconnaissance to an ISP
- Phantom Domain Attack: How Unresponsive Domains Exhaust DNS Resolvers
- Port Scanner
- The Shrinking Perimeter: Common Service Exposure Across IPv4
- Unsecured IoT Protocols: MQTT, Telnet, and CoAP Exposure Trends
- Website Reputation Checker
- What Happens When One DNS Provider Goes Down: The Hidden Fragility of TLD Ecosystems
- What Is My IP Address?