A relatively new term floating around the Internet these days is botnet. If you search for “botnet” in Google, you will be presented with close to 2 million results. I tried to figure out when the phrase was first used, but did not have any success in my search. If you know, share with the rest of the class ;).
I certainly am not an expert in Internet Security but I recently did some research on the makeup of a botnet and how it operates. Following is some of what I learned.
A botnet is really a complicated and, yet, highly organized thing. It is made up of several layers. So, this post will examine those layers so that we can all be a little more familiar with our enemy, the botnet, since they will be with us for a while :(.
On the bottom rung of the botnet ladder is the cracker. These are individuals that figure out how to “crack” a piece of software. These are typically the individuals that live in their parent’s basement surrounded by empty potato chip bags. After cracking the software, they will sell the exploit to the next individual called a bot herder.
The bot herder then uses the purchased exploit to take over unprotected computers. He/she sends out malware, viruses and trojans to infect unprotected machines. These compromised computers are then controlled by the bot herder and are called bots. The bot herder grows the ranks of his herd and when it is large enough, he sells the herd to the next group, the fraudsters. The larger the herd, the more valuable it is and the more money the bot herder can demand.
Reportedly, bot herders charge the fraudster $1 per bot per month. However, if the herder is controlling some pretty valuable bots (ones that have a lot of sensitive data or are very high profile) the cost per month could go WAY up.
The fraudsters then use their recently purchased herd to steal personal data and individuals identities.
So, there you have it. A brief overview of the structure of a botnet. Now, the next time you hear that term, you will be a little more familiar with what it actually means.
Trust me, you do not want to become a member of a botnet. Make sure your software is up-to-date. When you see that a patch has been released for a piece of software that you use, apply that patch!