WHAT IS BOTNET?
Milan Petrásek
21/5/2014
Content
• Introduction
• Star and multiserver topology botnets
• Hierarchical topology botnets
• Random topology botnets
• Types of attacks
• Famous botnets through history
• Summary
Intro - terms
• BOT, or „zombie“: short for roBOT
• NET: short for interNET
• Botnet: a lot of infected computers
• Bot Herder, or „bot master“: can control the botnet remotely
• C&C Server: command-and-control centre for managing the botnet
Star and multiserver topology
Hierarchical topology
Random topology
Types of attacks
• Distributed denial-of-service (DDoS)
• Adware advertises
• Spyware
• E-mail
• Click fraud
• Fast flux
• Brute-forcing remote machines' services
• Worms
• Scareware
• Exploiting systems
Famous botnets through history
• 2001 – First Botnet (http://www.bizjournals.com/atlanta/stories/2002/07/22/story4.html?page=all)
• 2005 Torpig
• 2006 Virut
• 2007 Zeus – one of the biggest (compromised U.S. computers: 3.6 million)
• 2007 Storm
• 2008 Conficker
• 2008 Grum
• 2008 Lethic
• 2008 Mariposa
• 2009 SpyEye
• 2010 Waledac
• 2011 ZeroAccess
• 2012 FlashFake (Mac OS X)
• 2012 Jeef
• 2012 Smoke
Summary
• Botnets are a serious problem today
– Malware as a Service
• Bleak future awaiting us
– Mobile botnets on the rise
– Internet of Things botnets
IoT Botnet (Internet of Things botnets)
In December 2013 a researcher at Proofpoint noticed that hundreds of thousands of malicious
emails logged through a security gateway had originated from a botnet that included not only
computers but also other devices, including a SmartTV, a refrigerator and other household
appliances.
IoT worm used to mine cryptocurrency – worm Linux.Darlloz
http://www.symantec.com/connect/blogs/iot-worm-used-mine-cryptocurrency
Infecting DVRs with Bitcoin-mining malware even easier than you suspected
http://arstechnica.com/security/2014/05/infecting-dvrs-with-bitcoin-mining-malware-even-easier-you-suspected/
QUESTIONS?
Resources
• http://en.wikipedia.org/wiki/Botnet
• http://www.welivesecurity.com/2011/06/27/tdl-tracking-peer-pressure/
• http://www.abuse.ch/?p=3499
• http://www.securelist.com/en/analysis/204792227/The_anatomy_of_Flashfake_Part_1
• http://www.networkworld.com/news/2009/072209-botnets.html
• Fortinet – White Paper: „Anatomy of a Botnet“
• Fortinet – 2013 Cybercrime Report
• Gunter Ollmann, VP of Research, Damballa Inc. – Botnet Communication Topologies
