Semalt: Botnet Malicious Activity

November 16, 2017
3 minutes read
Semalt: Botnet Malicious Activity

Jack Miller, the Semalt Senior Customer Success Manager, states that botnet can be characterized as a collection or an assembly of internet-connected devices that are infected or are under the control of malware. These are mobile devices, servers, and PCs just to mention a few. Besides, device users are usually unaware of these attacks. The owners of these bots can control them through special commands to perform malicious activities. This is achieved by:

  • Sending email spams – The owners can control it to send a massive number of false messages to various devices
  • Distributed denial of service attack – This overloads the system with many requests thus making it inaccessible to a user
  • Credential-stuffing attacks – This mostly occurs with the government and organizations, when botnet gets confidential information like credit card details that helps them to steal money and ruin an online business.
Semalt: Botnet Malicious Activity

How many bots make up a botnet?

The number of bots in a botnet can vary from one botnet to another which depends on the attacker that tries to infect a targeted device. For example, DDoS attack, which took place in August 2017, is believed to come from a botnet that was made up of over 75,000 bots.

A different credential-stuffing attacks in December last year were observed to have about 13,000 members and capable of sending nearly 270,000 false login requests in an hour.

The Mirai Botnet

After the discovery of this botnet in September 2016, the first attack target was Akamai. This virus is made of two components which are the command and control center (CnC) and the virus itself. Mirai contains ten attack vectors. Its code infects the less or poorly protected devices, and it can affect thousands of insecure devices and control them to perform a DDoS attack.

CnC allows the attacker to make a simple command line interface thus allowing it to make a specific attack vector. It waits until the bot can bring back the discovered and stolen credentials and it uses these codes helping it to create new bots.

The PBot Malware

This botnet is used to help attackers take over the infected machine and making it do harmful things and attacks like DoS or PortScanning. A PBot botnet made of a small number of nodes is capable of generating a significant level of attack.

Protecting your system against botnets

It is vital to understand what botnet is and how it works so that you can protect yourself from it. The botnet can come up with a series of attacks, and each of them may need you to come up with a different type of protection. You can get protection from Akamai, which offers you various cloud security solution to ensure that you are not a victim of botnet’s malicious actions.