Breaking News

Saturday, May 17, 2014

Botnets - Threat to Computer & Mobile Security

What are botnet’s and how they could possess a severe threat to computer and mobile security?

As you guys know that smart phones have become wallet and personal computer, they hold our every information from banking to social network information, so because of this they have become to target for Hackers, Scammers and Criminal. One Such attack was implemented by these bad guys and they named as name is Botnet.

A botnet is a collection of internet-connected computer that interact to accomplish some distributed task. Botnet are quickly becoming a growing threat to computer and portable-equipped user (for example: Smartphones, PDA, Tablet etc.) due to their hidden nature and very different and diverse method of taking Computers and Smartphones. Million and Billion of computers and smartphones around the globe whose security defenses have been opened (Breached) and they are control by malicious party.

 What is Botnet???

A Botnet, short form for robot network, is a group of computers or smartphones that have been taken and controlled remotely. It is a typical feature of malware to connect infected machines. This computer and smartphones operates like normal System, and leaving user unaware that their machines are infected. Although such a collection of computers can be used for useful and constructive applications, the term botnet typically refers to such a system designed and used for illegal purposes. Such systems are composed of compromised machines that are assimilated without their owner's knowledge.

The compromised machines are referred to as drones or zombies, the malicious software running on them as 'bot'
Above image show how botnet is accumulated into your system. Recently top & big companies are attacked by BOTNET.


How Botnets Work??

Botnet get their origin from criminals who are tech-addicted and well-knowledgeable in computer programming and software creation. BOTNET were originally developed to transmit spam. These criminals that penetrate along with botnet are known as “BOT Herders”. 

They typically receive instructions from a central PC that is known as the command-and-control center(C&C). A botnet runs hidden and typically uses a covert channel to communicate with C&C.

The above diagram shows the working:

This is with respect to Computer. There are in all 5 steps how botnet takes place.

Step1: Criminal Computer infects your system by sending Virus and Trojan. To achieve this any 1 below method is used:
i)    Email sent to your system which contains virus.
ii)    Unpatched Computer with a security risk.
iii)    Flash drive and portable hard drive that are infected.
iv)    Software installation and Infected Files.
The above ways make yours System infected.

Step2:  once the system is infected, the bot-herder now controls your computer.

Step3: Bot herder decides what need to be done to your computer.
They harms your pc by doing DDOS attack on a network Firewall. DDOS attack is basically utilizing all your bandwidth or in other words saturating your internet resources like bandwidth in such a way that it takes long amount of time to open particular sites.

Step4: Bot-herder can flood spam messages to other system.

Step5: The final step is when security officer checks the logs of network firewall; he finds that there is IP address of your computer who is doing all these stuff and executing those Attacks.



The above nature of BOTNET gives plenty of power on internet to criminals. Bot-Herders can now engage in more damaging activity may be internet might have never seen before.

Some of the activities are listed down:

1)    Click Fraud: It occurs when user’s computer visits websites without the user’s awareness to create false web traffic for commercial or personal gain for example Automatic “Click” on advertisement banners. They use this technique to earn large amount of money. Since the clicks are coming from separate machines across the globe, so every time it finds a new IP address is clicking on the advertisement.

2)    Key logging: It is one of the most dangerous botnet features to an individual’s privacy. Many bots listen to key board activity and report keystrokes upstream to bot herder. Sometimes they have built-in triggers to look for particular websites where password or bank account information is required. Because of this key logging Feature bot herder can gain the password and make any sort of transaction.

3)    Warez: It means illegally obtaining pirated software. Bot can steal, store and propagate your warez. The important is bots have large disk space so because of this he can search into victim’s hard drive for software and licenses install and easily transfer it to other system. Duplication and Distribution is easily achieved.

4)    Fast Flux: It’s a DNS Technique to hide phishing which is used by BOTNET.

5)    DDOS ATTACK: DDOS attacks attempt to overload a site in order to disrupt business by creating a loss of connectivity or connection bandwidth

6)    Spams:  Send vast amounts of spam to other users.


How Do I protect my system???

Most network uses multiple firewalls and a layered security approach for protection against Botnets.
Other step taken to prevent Botnet attacks are:

1)    Fully Fledged Security System:  Full-Fledged Network Security is most important which covers everything from individual PC, network server and local area network. Install Intrusion Detection System (IDS) and protection at the gateway to email servers.

2)    Disabling Unused Port: Another protection measure is Shutting down all unused port that are not required for specific application on the network. These ports are used by FTP application and INTERNET RELAY CHAT (IRC) which are prime application Hackers used to communicate with Bot-Herder.

3)    Install and regularly update antivirus and antispyware software

4)    Do not open e-mail attachments unless you have specifically requested them and then only after you have scanned them with an antivirus scanner.

5)    Beware of disks, CDs, USB storage devices, etc. that you do not control.

6)    Educating User.


Mobile Botnet:

Type of Botnet that target mobile device such as smartphones no matter what type O.S. is used.  It may be Android, IOS or Symbian. It attempt to gain full access to the device and its contents as well as providing control to the BOTNET Creator. Our phones hold tons of data and hackers, Criminals know it very well. A screen locker is not enough to secure our data.  Almost all O.S. have been victims of Mobile Botnet.

Few examples are follow:

1)    Dream Droid: It got it name because the malware activated at night, affecting users while they were in sleep.  More than 2 lakh users were affected resulting in loss of personal data and files.

2)    IPhone SMS attack: It’s a kind of DOS attack which can be used to shut down IPhone, deface text or otherwise reconfigure Keys.

3)    The other types of attack were for Symbian OS attack name is Sexy Space and Zeus Variant for Blackberry OS.

How to avoid Mobile BOTNET

1)    Install and regularly update antivirus and anti spyware software

2)    Do not open e-mail attachments unless you have specifically requested them and then only after you have scanned them with an antivirus scanner.

3)    Proper Patches and Genuine software to be installed on mobile

So botnets are very dangerous as they can spread over computer as well as Mobile phones. So stay alert! Stay SAFE!!!

No comments:

Post a Comment

Designed By