Attack of the Botnets

By Robert Kaye and Hector Cisneros

Photo Credit: arlnow.com

Ever wonder how Google knows what’s on your website? Have you ever been infected by malware or a computer virus? Ever pondered how these spammers got your email address? I have one word for you: BOTs! The World Wide Web is crawling with them.  Spider bots to index your website, evil bots that can make you wish you never had a computer, bots that scrape the web for ID information, and bots that you can buy ― but unfortunately break search engine rules ― which then render your domain as an outcast in a sandbox kingdom that no one can find.

Bot is short for robot or “Web robot,” a type of software program designed to automate some functions. They can come in a wide variety of online programs.  Similar to “Wizards and Witches,” there are “Good bots” and “Bad bots.” Search engines such as Google, Yahoo, Bing, etc., all use “Good” search bots to scour your properties’ content to index that information (i.e., search for subject matter, meta- and alt-tags, keywords, and backlinks to other sites such as your social nets and partner websites). 

Good Bots

Photo Credit: yurtopic.com

• Spider Bots – Also known as Search Bots; these are used by search engines to explore Web pages for content, organization and linking. Spider bots have certain criteria for indexing and determining the ranking of Web pages within the search results.

• Trading Bots – These bots scroll through the online auction sites (such as eBay) to  locate the best deals on a specific product or service. In this case, a trading bot is used for commercial gain.

• Media Bots – These provide updates on weather conditions, news and sports, currency exchange, and are used as censors in applications that run chat rooms and Instant Messenger (IM) programs.

Bad Bots

• Spam Bots – These bots spider the Internet to collect data from forms that have been filled out online, spreading advertisements and pop-ups throughout the Internet, and collecting email addresses for the purpose of spamming.

• Hacker Bots – Used by hackers to crawl around the Internet and find vulnerabilities in websites and online applications so they can exploit them for malicious purposes.

• Download Bots – These forcibly download a Web page that the hacker wants surfers to see instead of a Web page surfers had requested.

Photo Credit: popularphilosophytoday.com

• Malware/Virus Bots – These bots can infect and turn your computer into a zombie (read below). 

• Click Bots – These can eat up your Pay Per Click funds or trick you into following them by showing up in your Analytics.

• Scraper Bots – These can scour websites collecting various types of ID information.

It’s important to understand one unchanging principle of programming and tools in general: All of these bots are tools. The purpose of a tool is to increase your efficiency. To do more in less time. In this regard, bots, being automated programs, are powerful tools. In the right hands, they can have a positive productive result. In the wrong hands, the results can be malicious, devastating and in worse cases, downright evil.

Beware of the Botnet Zombies! 

According to Norton, the Bad bot types “are one of the most sophisticated and popular types of bots used in cybercrimes today.” The cybercriminals that control these bots are called bot-herders or bot-masters. These are used to perform malicious acts and to breach network security protocols. These Bad bots also facilitate a hackers’ ability to acquire and subvert many computers at a time, creating a “botnet.” PCs (including Macs) that have been subverted by bots and/or a botnet are known as zombies.  

Photo Credit: computersafetytip.com

The unfortunate PC that becomes a zombie computer is now linked to other zombies across the world. It is now enslaved to a specific network, a collective “botnet,” that’s used to spread viruses. They then create spam and engage in other types of illegal activities and fraud online.  Frequently, the users/owners of the hapless computers that’ve been turned into zombies don’t even know their machines are infected and are being used for nefarious purposes.  However, there can be telltale signs such as a computer operating slower (which can be caused by many other, less invasive issues), the display of mysterious messages, seeing the dreaded “Blue Screen of Death,” or other signs that something’s gone awry. It may seem as if your once seemingly intelligent operating system has now undergone a loBOTomy.

How large are botnets? Prepare yourself... Some botnets may “only” have a few hundred or few thousand computers. However, others can and have had as many as tens and even hundreds of thousands of now-infected computer zombies available to do their bot-master’s ill will. 

Stealthy and Mischievous

 

There are different ways a PC or smart device can become infected. Because of the automated nature, these bots spread themselves out, spanning the Internet in search of vulnerable unprotected computers. Upon accessing an unprotected computer, they rapidly insert themselves into the machine and then report back to their controller. Then, like a criminal or terrorist in-hiding amongst the general population, they lie and wait incognito, until receiving a command to execute a specific task. 

Photo Credit: math.harvard.edu

One common method for a bot program to gain access to your system is when you’re visiting a website and it deceptively baits you into downloading or clicking on a tempting link (such as a free movie, MP3 or picture), thus giving it a chance to infiltrate your system.  Another frequently used method is coupling the bot as a file attached to spam emails sent to the user, or as a program dropped from another piece of malware. Similarly, tempting links can be posted to your social nets, infecting your social accounts (Facebook, Twitter, LinkedIn, etc.). So remember when you’re surfing the web or your social sites, there are lots of nasty “critters” out there that would delight in nothing more than infecting your PC to take control of its functions. 

Some of the automated tasks that a bot and/or botnet may hijack your PC to perform:   

• Sending – May include software, spam and viruses.

• Stealing – Can include personal and/or private information and then send it back to the bot-master. Credit card numbers, bank credentials and other sensitive personal information, including any financial information or personal health records are within their grasp. 

• DoS (Denial of Service) – Similar to kidnapping; this includes launching DoS attacks against a specified target. Cybercriminals often extort money from website owners in exchange for them regaining control of the now-compromised site or PC. Cybercriminals by nature, are like geeky bullies. They often attack regular computer users because they are the easiest targets. Young hackers may be motivated by curiosity and because they enjoy the thrill of the challenge. However, most attacks are motivated by financial gains, with the remainder being perpetrated by cyber warfare countries and by “Hacktivists.” 

Photo Credit: techspot.com

• Clickfraud – Ever more frequently these days, the Bad Bot Boys use bots to increase the cost of online advertising by automatically clicking on Internet ads. They may also be used to trick you into following their links to increase their traffic. 

• Financial Fraud – Mining digital currency, such as Bitcoin.

• Diversionary Tactics – Sometimes bot attacks are used to mask other hack attacks. The bot attack keeps the I.T. administrator or webmaster busy fighting the DoS attack, while the hacker launches the secondary attack to gain access to their real objective (financial data, bank transactions, etc.).

Creating Havoc

Botnets cause huge financial losses every year. In 2013, the cost to the world was estimated to be between $375 to $575 billion. The security of individuals, businesses, financial institutions and even governments are all at risk.  First and foremost, the information and interconnectivity of any system that has been subverted into a botnet is no longer in the original user’s control. It’s like being a pilot and having one’s airplane hijacked. Especially considering that many people store highly sensitive material on their PCs such as financial information, login and password credentials, email lists, electronic health records, etc. All of this is now available to be misused by the bot-masters. 

Photo Credit: us.norton.com

Just imagine what happens when the zombie-ized machines belong to a major corporation or governmental organization.  Given the frightening nature of these botnets, the severity of their attacks can accumulate, as key commerce, utilities and or social services are all at critical risk.  Guess what?  These types of attacks have already happened to our financial institutions, large corporations and government institutions, sometimes daily. (Remember the incidents involving JP Morgan, Chase, Home Depot, Target, and HealthCare.gov?) 

One doesn’t have to be a bot-herder or bot-master to engage in malicious botnet activity.  Anyone intent on wreaking havoc online ― an individual wanna’ be hacker, syndicate organizations, terrorist groups, hacktivist groups, enemy countries, etc. ― can instigate these disruptive activities in cyberspace simply by renting botnet services from a cybercriminal.  

According to the report, “Botnets, Cybercrime and Cyberterrorism, Vulnerabilities and Policy Issues for Congress”: “Cybercrime is becoming more organized and established as a transnational business. High technology online skills are now available for rent to a variety of customers, possibly including nation states, or individuals and groups that could secretly represent terrorist groups. The increased use of automated attack tools by cybercriminals has overwhelmed some current methodologies used for tracking Internet cyberattacks, and vulnerabilities of the U.S. critical infrastructure, which are acknowledged openly in publications, could possibly attract cyberattacks to extort money, or damage the U.S. economy to affect national security … New and sophisticated cybercrime tools could operate to allow a nation state or terrorist group to remain unidentified while they direct cyberattacks through the Internet.”

To Bot or Not to Bot? That is the Question.

Photo Credit: xp-vista.com

One of the first things we recommend is to take personal responsibility in real time. What does that mean? Don’t engage in online behavior that can compromise your security. Stay away from questionable websites, and above all, use multiple layers of anti-malware to warn you of potentially malicious websites and social pursuit. To read a list of security programs and other steps you can take to protect yourself, read our previous blog, "The Scariest Stuff Online." You may also get a copy of our latest book, “Working the Web to Win,” which has a chapter devoted to this subject. 

Just last month, “PC Magazine,” in an article entitled “The Best Antivirus for 2014,” recommended the protection programs of Panda, Kaspersky, Norton and Bitdefender. Also high on its list was the cloud-based behavioral monitoring of Webroot SecureAnywhere Antivirus.  We also highly recommend you install secondary adware/malware programs such as Malwarebytes or Advanced System Care. Microsoft also recommends that you ensure your system is patched with the most current Microsoft Windows Update. 

In this article, we discussed what are bots and botnets. We gave examples of “Good bots” and “Bad bots.” We further provided, in greater detail, explanations of what they are, how they infiltrate into computers, tablets and smartphones, and then proceed to aggregate networks of digital devices to do the bidding of their cybercriminal masters. We then discussed the different ways in which botnets are used to wreak havoc across the Internet. Lastly, we provided links you can check out to stay informed, along with steps you can take to protect your systems including key recommendations of the top antimalware applications everyone should use to protect their digital smart devices from becoming prey to Bad bots and malevolent botnets.

If you found this article useful, please feel free to share and repost it. We welcome your opinion and comments related to this article, just add them to the Comments section below.

If you'd like a free copy of our eBook, "Internet Marketing Tips for the 21st Century," please fill in the form below and we'll email it to you. Your information is always kept private and is never sold.

Robert Kaye is an internationally published, multi-award-winning writer and editor.  To date, he’s been published over 450 times covering a wide variety of topics in many different types of print and electronic media (Internet, TV, radio, and podcasts). He currently serves as the Associate Producer for Working the Web to Win, an award-winning Internet marking firm in Jacksonville, Florida. 

Hector Cisneros is the COO and director of Social Media Marketing at Working the Web to Win. He is also co-host of the weekly Internet radio show, "Working the Web To Win" on BlogTalkRadio.com, which airs every Tuesday at 4 p.m. Eastern. Hector is a syndicated writer and published author of “60 Seconds to Success and co-author, along with Carl Weiss, of the book, “Working the Web to Win.”

Related articles

• First Shellshock Botnet Attacking Akamai, US DoD Networks
• Reddit-powered botnet infected thousands of Macs worldwide
• Botnet Attacks - A Threat to IT Security
• Attackers quick to Bash Linux
• Password breaches that will make you want a management system
• Rodney Joffe Explores Cybercrime's Underground Economy Video
• Apple updates XProtect, blacklists iWorm variants
• Shellshock Vulnerability Used in Botnet Attacks
• Malware dubbed Mac.BackDoor.iWorm has has infected 17k Macs, forming a botnet which receives communications from Reddit posts (Graham Cluley)
• Monster banking Trojan botnet claims 500,000 victims

Related articles