What Is a Botnet?
Botnet Definition:
A botnet literally means "bot network": a network of compromised (hijacked) computers or IoT devices. The affected machines become bots, infected by malware (usually a trojan) and controlled remotely by the attacker.
Botnet Extended Definition:
Botnets are usually deployed to launch spam and DDoS (Distributed Denial-of-Service) attacks. Furthermore, botnets can be rented to other cybercriminals for other malicious purposes. Even though botnets are usually associated with a command-and-control (C2 or C&C) infrastructure, they can exist without one, too. Botnets can also rely on a peer-to-peer (P2P) architecture and other forms of management channels to transfer commands from one bot (or infected device) to another.
Due to the continuing development and wide adoption of IoT (Internet-of-Things) devices, botnets consisting of connected devices are more prevalent today. These are known specifically as IoT botnets, and they operate in nearly the same way as regular botnets.
Originally, botnet operators relied on IRC channels to distribute instructions and execute DDoS attacks. However, more recent botnet campaigns are now also capable of mining cryptocurrency, intercepting data in transit, sending logs with sensitive information to the botnet master, and consuming machine resources.
Mirai is a good example of a prominent IoT botnet that infected millions of devices worldwide. The botnet had various iterations, and new ones emerged from its source code after it disappeared.