Botnet | What is a botnet? Botnet Definition and Botnet Attack Example

What is a Botnet?

A botnet is a network of devices infected with a malicious program that is usually deployed and controlled from a centralized location. A botnet is also referred to as a robot network. A botnet can consist of 2, 3, or even hundreds of thousands of bots, which are tasked with executing predefined tasks that include spamming, spying, accessing illegal content, launching DDOS attacks, engaging in click fraud, and scanning for vulnerabilities. Malicious actors prefer botnets to single bots, due to the combined resources provided by individual bots in a network.

In a botnet, there is the main computer (server), tasked with receiving reports for bot computers. Also known as the herder computer, it serves as the command and control (C&C) during a botnet attack.

In a botnet attack, a swarm of infected devices (bots), which include several networked devices, are deployed and aimed at a company server or an individual's device.

Botnet Attack Example

For instance, when launching a click fraud, a single computer can click once in a given period. Too many clicks from the same computer might be flagged as a potential bot by the server the ad is running on. However, as more computers are added to the botnet, each computer can click once every 3 hours, and millions of clicks can be made every day from the hundreds of thousands of computers on the botnet, without the server recognizing the malicious act.

Usually, device owners are not aware that their devices, which can include computers, phones, and routers, are part of a botnet.