Lately there has been growing concern about botnets, fueled by an increasing number of botnet-related articles in the news. The concern is valid, as all signs point to botnets growing in number, size, and sophistication.
The botnet threat isn’t likely to go away anytime soon and it’s probably going to get worse before it gets better.
Here’s what you should know about botnets.
What is a botnet?
A botnet is a collection of Internet-connected devices that are under the control of the botnet owner or “bot master”. The collection is essentially a network of robot computers, or roBOT NETwork, hence the name “botnet.”
Individual devices in the botnet are referred to as “bots” or “zombies” since they’re under someone else’s control.
What do botnets do?
Botnets often lie in wait most of the time, waiting for commands from the botnet owner. Once they receive the commands, they jump into action to do whatever they’re commanded to do.
Botnets are typically used to send spam emails, participate in DDoS attacks against websites, hack additional machines to join the botnet and increase its size, spy on and siphon private information (like credit card info) from the network they’re on, commit click fraud, and mine bitcoin.
But really the uses for a botnet are endless. Botnets could just as easily be used for cracking encryption, performing brute force hacking, and doing massive data searches. Anything that you can think of using thousands or millions of computers for could be a use for a botnet and I’m certain that new uses will be thought up in the future.
How do botnets work?
The devices in the botnet listen for commands and then execute those commands. The commands can come from different sources such as IRC channels, a control network (dedicated machines serving as the control computers), or even through peer-to-peer communications between the zombie devices.
Sophisticated botnets can download and execute new code as part of their instructions, enabling them to evolve, perform new functions, and gain new capabilities programmed by the bot master.
This capability allows the botnet to better evade detection, adapt to new security measures, and grow in sophistication. It also makes the botnet more valuable, as its functions and uses are endless.
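Seen from the defender's side, the check-in behaviour described above leaves a trace in outbound connection logs: a bot contacts its controller on a schedule or holds an IRC connection. The following Python is an added example, not part of the original article; the log format, addresses, thresholds and function names are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

IRC_PORTS = {6667, 6697}  # conventional IRC ports (plain and TLS)

# Constructed sample log, one outbound connection per line:
# "epoch_seconds source_ip destination_ip destination_port"
SAMPLE_LOG = """\
1000 10.0.0.5 203.0.113.10 443
1301 10.0.0.5 203.0.113.10 443
1599 10.0.0.5 203.0.113.10 443
1900 10.0.0.5 203.0.113.10 443
2202 10.0.0.5 203.0.113.10 443
2500 10.0.0.5 203.0.113.10 443
1000 10.0.0.7 198.51.100.20 443
1012 10.0.0.7 198.51.100.20 443
1500 10.0.0.7 198.51.100.20 443
1530 10.0.0.7 198.51.100.20 443
2900 10.0.0.7 198.51.100.20 443
2950 10.0.0.7 198.51.100.20 443
1200 10.0.0.9 192.0.2.50 6667
"""

def parse(log):
    """Group connection timestamps by (source, destination, port)."""
    flows = defaultdict(list)
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue  # skip blank or malformed lines
        flows[(parts[1], parts[2], int(parts[3]))].append(float(parts[0]))
    return flows

def find_suspects(log, min_events=5, max_cv=0.1):
    """Return sorted (src, dst, port, reason) tuples for an analyst to triage."""
    suspects = []
    for (src, dst, port), times in parse(log).items():
        if port in IRC_PORTS:
            suspects.append((src, dst, port, "irc-port"))
        if len(times) < max(min_events, 2):
            continue  # too few connections to judge timing
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        # Coefficient of variation: near zero means machine-like regularity.
        if mean(gaps) > 0 and pstdev(gaps) / mean(gaps) <= max_cv:
            suspects.append((src, dst, port, "regular-interval"))
    return sorted(suspects)

if __name__ == "__main__":
    for suspect in find_suspects(SAMPLE_LOG):
        print(suspect)
```

Legitimate software such as update checkers also connects on a schedule, so a hit is a lead to investigate, not proof of infection.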
How are botnets created?
Botnets are created from hacked devices: computers and other Internet devices. Computers are often recruited into the botnet when malware is executed on them. The malware installs the botnet control system onto the computer and then silently waits for instructions from the bot master.
Exploiting security vulnerabilities is another way that hackers can get into a device and install the botnet control software. Most computers and Internet devices have security vulnerabilities at some point or another, and if they aren’t patched, they can create opportunities for hackers to take over the device and add it to their botnet.
Malware, viruses, and unpatched security vulnerabilities are the main ways that devices are turned into zombie bots on a botnet.
How big are botnets?
Botnets range in size from a few devices for botnets that are just getting started all the way to very large networks of bots.
Historically, botnets have been detected ranging in size from 10,000+ devices all the way up to over 30,000,000 devices.
Who makes botnets?
Botnets are created by the same kinds of people who create malware, viruses, spyware, and ransomware, plus the kinds of people who are looking to steal credit card info and engage in other forms of cybercrime.
Essentially, botnets are created by criminals who want to “steal” a large number of devices by illegally taking control of them to do their bidding.
Botnets may be created by individuals or by groups engaging in organized crime. Botnets could even be created by foreign governments.
Botnet creators can be in any country, anywhere they have access to the Internet.
Why are botnets created?
Botnets are created for financial gain. There are many ways a bot master can try to make money.
They can directly make money by mining for bitcoin and performing click fraud.
Indirect ways they can make money include stealing credit cards and identity information.
There’s also a black market for buying and selling botnets. Some bot masters may sell all or a portion of their botnet, or they can sell time on their botnet, effectively renting it out.
What’s the big deal about botnets?
Botnets used to be made up of just computers and servers but that’s changing now. As more and more connected devices join the Internet, hackers have figured out ways to take control over these as well. Now routers, internet video cameras, DVRs, and other devices are joining the ranks of botnets across the globe.
Eventually, mobile devices like your smartphone and iPad could be hacked and used as part of a botnet as well.
And the potential for botnets will only get larger as more and more devices connect to the Internet. With smart homes, smart appliances, Internet of Things, connected devices, mobile computing devices, smartphones, and smart vehicles all adding to the pool of potential bot zombies, there will be more and larger botnets in the future.
It’s been estimated that over 80% of spam is sent from botnets. As botnets grow, that means spam will likely grow as well.
In addition to spamming, botnets are also used for many other types of illegal activities, hacking, and attacking legitimate websites. So you can expect a rise in these activities as well. Be prepared to hear more news stories about cyber attacks of all kinds.
Botnets are collections of computers or Internet-connected devices that are able to be controlled remotely by the bot master (who doesn’t own them). Botnets are used for many different kinds of illegal activities and cyber attacks.
Unfortunately, botnets are not going away any time soon. In fact, we’re likely to see more and larger botnets in the future.
Protect your devices and yourself by practicing good cyber security and keeping all your devices and computers up to date with all available security patches.
– Weston Henry
How do you make sure your devices don’t end up bots in a botnet?
How do you protect yourself from botnet attacks?