Botnets are underdogs when it comes to cyber security, but if orchestrated properly they can cause a world of destruction, as we will discuss later.
Firstly, what is a botnet? A device becomes part of a botnet when it is connected to the internet, gets taken over and is generally infected with malicious software without the knowledge of its owner. A network of such compromised devices is considered a botnet. Any internet-connected device can be added to a botnet, including wireless routers, smartphones and laptops.
These botnets are controlled by command and control (C&C) servers, which can send data to and receive data from the bots. Most worrying is the ability to send commands to the devices, which can have deadly consequences. Most botnets carry out spam phishing email campaigns and distributed denial of service (DDoS) attacks.
One of the most recent botnet attacks occurred towards the end of 2016, when an army of compromised IoT devices launched DDoS attacks against a variety of targets around the world. The initial targets of Mirai’s DDoS attacks in September were hosting provider OVH and the website of security expert Brian Krebs. Both of these were massive DDoS attacks, among the biggest ever seen, peaking at 1 Tbps and 620 Gbps, respectively. At the end of September, the Mirai threat escalated when its source code was released on the online hacking community HackForums. Three weeks later, a massive DDoS attack against DNS provider Dyn, likely carried out by amateur hackers, blocked access to several high-profile websites, including Netflix, Twitter, and PayPal.
Later in 2016, Germany fell victim to the Mirai botnet, when nearly 1 million home internet users were exploited due to vulnerabilities in their home routers.
Necurs is one of the most notable botnets that is active at the moment. It was one of the biggest distributors of email malware in 2016, sending out massive campaigns spreading the Locky ransomware. However, it mysteriously ceased operation on December 24, 2016, and remained inactive for almost three months.
It resumed activity on March 20, but instead of distributing email malware it sent out ‘pump and dump’ stock spam campaigns. Pump and dump spam campaigns aim to falsely inflate the price of shares, which the spammer has already bought in large quantity at a low price, by encouraging victims to buy shares in the same company. Once the price of the stock has been driven up by victims purchasing shares, the spammers offload all their shares. This causes the price of the shares to drop dramatically and makes it unlikely the victims will make their cash back.
One of the first botnets which appeared back in 2004 conducted huge spam campaigns. It infected more than 200,000 computers and in 2009 was said to be responsible for more than 10 per cent of the world’s spam at that time.
Appearing towards the end of 2008, Conficker spread through network shares and infected USB drives. At its peak it was said to have infected 11 computers worldwide. The cost of cleaning up Conficker has been estimated at as much as $9 billion and, amazingly, although it is almost a decade since it was released into the wild, it is believed that computers infected with Conficker still exist.
About IntelliTeK Pty Ltd
IntelliTeK is a managed IT services company in Sydney, Australia. With major vendor relationships and accreditations from the world’s leading IT companies including WatchGuard, Microsoft, Trend Micro and Amazon Web Services, IntelliTeK have kept clients happy since 2007.