According to Wikipedia, Internet bots also known as Web robots or simply bots are software applications that run automated tasks over the Internet. A botnet is a jargon term for a collection of software agents, or robots, that run autonomously and automatically. However, these sterile definitions don’t do justice to the importance of these players who’re populating our Internet.
Bots can play a positive role by being used as the web spiders that traverse the websites all over the Internet to collect and analyze information for the major search engines. However, they are used for malicious purposes to a much greater extent.
Okay…now let’s cover the dirty side of these destructive, criminal, and obnoxious rascals. In the recent past, the malicious use of bots was contained to distributed denial of service (DDoS) attacks that would take down a server or servers by overloading it with more transactions than it could handle. And using bots to gain unfair advantage playing online games and bidding on auction sites. However, in the past couple of years things have gotten exponentially worse; both in the destructiveness and the number of bots deployed. Three factors have contributed to this scenario; remote control of these bots by a command and control server (C&C), the introduction of botnets, and the use of these tools by organized crime groups.
These criminal organizations expanded the capabilities of the bots and botnets to gather personal information such as access Ids, passwords, names and addresses, telephone numbers, bank account numbers, etc. from infected computers. This information was used for identity theft and to steal money directly from bank accounts, credit card purchases, and others; or in many cases databases of personal identity information was sold to other criminal organizations who would use the information in a similar fashion. At this time another significant change in the use of bots occurred. As you might expect, these criminal groups went covert in their use of the bots; this is a distinct change from the high visibility of the DDoS attacks in the past. They designed the bots to hide themselves so that they might go undetected for long periods of time to gather and transmit the personal information to the control servers as long as possible.
One example of this criminal use of bots is the Zbot or Trojan.banker. This bot’s mission is to gather banking information to extract and transfer funds from the victim’s account to an account, usually located in another country. It gathers much of the information it steals by using a set of imbedded tools such as a keylogger; an application that records all keyboard entries, and transfers them to the controller for processing. The extensive proliferation of these bots and botnets is a result of the next major change in this environment…the introduction of the cyber criminal tools market.
Criminal organizations offer packaged bots, such as the Zbot, for sale; and lease or rent all or part of their large (up to 2 million bots) botnets on which to run the malware. This has allowed many more criminals to participate in this information stealing activity without having to develop their own bots or grow their own botnets. In other words, many more people got into this business than ever before; and it continues to grow. Members of this “market” of criminality come from all over the world.
Well, that may have been more than you ever wanted to know about bots and botnets, but you do need to know about it because any of us could be a victim of this criminal activity.
Please comment on this article; we all learn from each other when our views and opinions are shared.
I hope you enjoyed this article. If you enter your email address in the Email Subscriptions box on the home page, I’ll send you an email when a new article is posted. I don’t share your email address with anyone…no one; I hate spam. Please share my site with your friends and family. Thanks.
Remember, home computing is a blast…keep it productive and enjoyable.