One of the popular ways the online criminals  make money is through the use of botnets. Once a botnet is set up they can use it in many different ways , such as for sending spam mails or distributing malware , virus, etc.
Botnets are a group of compromised systems  which are controlled by hackers, attackers or individual for propagating virus, malware, spam to other computers on the Internet.  If your PC is unsecured, then there is a chance your PC could become  a bot. Botnets usually work in client- server model where the attacker owns a Command and Control server ( CnC server). A computer part of the Botnet will receive instructions from the CnC Server. Once your PC is part of  botnet, hackers can extract confidential information from your PC through Internet.

CnC based Botnets:

Command and control server acts as a leader to the bots. These Bots (Computers infected with malware)  contact CnC server for receiving commands.

P2P based Botnets:

These do not rely on Command and control servers for receving commands, instead uses peer to peer communication protocol for receiving commands. P2P communication is used as a backup when CnC servers are not reachable. In this network each node acts as slave and as master giving orders to other PC.

Lets examine some Botnets in recent years,

Grum botnet is one of the largest botnets established over the Internet , it has two different types of CnC servers, they are Master CnC servers and Secondary CnC servers.  Dutch authorities recently take down the  two secondary CnC servers located in Netherlands. The Master CnC servers  located in Russia and panama are still alive.

P2P based Botnets:

These do not rely on Command and control servers for receving commands, instead uses peer to peer communication protocol for receiving commands. P2P communication is used as a backup when CnC servers are not reachable. In this network each node acts as slave and as master giving orders to other PC.

Lets examine some Botnets in recent years,

Grum botnet is one of the largest botnets established over the Internet , it has two different types of CnC servers, they are Master CnC servers and Secondary CnC servers.  Dutch authorities recently take down the  two secondary CnC servers located in Netherlands. The Master CnC servers  located in Russia and panama are still alive.

DreamDroid and TigerBot malware  compromises Google Android devices. TigerBot is an Android malware controlled via SMS , it is capable of recording phone calls,  upload device GPS location. TigerBot differs from traditional malware in that it is controlled via SMS rather than from a Command and control server on internet.

How to detect botnet:

  • If machine is working slowly then it may be an indication of botnet,  as botnet uses victims machine resources.
  • Use Network intrusion detection system.

Preventive measures:

  • Use updated  Anti-virus.
  • Regularly update your Operating System and if possible enable automatic software updates.
  • Uninstall software that you don’t use.
  • Avoid clicking links on spam emails.
  • Use strong passwords to protect your account
  • Don’t use the same password for all sites.
  • Don’t put unknown pendrives into your computer.
  • Turn on your firewall.  

Tools to Remove malware from your PC

Microsoft Security Essentials: It is used to guard against virus, spyware and other evil software. It is free of cost and easy to use software for windows Operating systems.

You can download Microsoft security Essentials at following link.
http://windows.microsoft.com/en-US/windows/products/security-essentials/download

You can also use  Antivirus programs to remove malware , the following are the links to Free Antivirus programs.
Avira - http://www.avira.com/en/downloads
Avast - http://www.avast.com/free-antivirus-download
AVG - http://www.avg.com/in-en/special-download-antivirus-for-windows-7-mssc

Source:

http://thehackernews.com/2012/08/botnet-hacker-news-magazine-august-2012.html
http://www.microsoft.com/security/pc-security/protect-pc.aspx

 

 

Page Rating (Votes : 5)
Your rating: