Botnets

From ITS Wiki - Information Technology Services - University of Rhode Island

Jump to: navigation, search
Poke.png Malware

This page is part of a category. To see more pages like this, go to the Malware index.

What is a Botnet?

Botnet is a term for a network of software robots, or bots, which run autonomously. It generally refers to a collection of compromised machines running worms, Trojan horses, or back-doors, under a common command and control infrastructure. A botnet's originator (aka "bot herder") can control the group remotely, usually through a means such as IRC. The newest bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community.

How Can I Get Infected?

  • Using Kazaa, Bearshare, Limewire, other P2P applications and Torrenting open back doors into the computer for further infection.
  • Opening music sharing services in applications such as iTunes may allow a hacker to gain access to the machine or plant a malicious file for users to download.

Adware/Spyware

  • Many freeware applications are bundled with Spyware, programs designed to run without a user's knowledge.
  • These programs collect information on a user's computing habits, then report back to the creator via the internet.
  • Adware can decrease security on a computer, allowing a hacker easy access.

Viruses and trojans are often found attached to email spam. These messages are designed to infect your machine and give access to a botnet controller. The botnet controller then uses your machine to send more email spam to infect other machines. The cycle continues until the botnet controller has a veritable "network" under their control.

Cleaning a Compromised Machine

  1. Update Windows here
  2. Install and update McAfee Virus Scan in Safe Mode.
  3. Bring your computer the URI Helpdesk immediately. We will assist you in safely removing botnet components from your system.

Relevant Links:

 Windows Antivirus
 Windows Updates
 Wikipedia: Botnets
 URI Virus Website