What is botnet?
Info about botnet, summary, history, technology and future
Milan Petrásek
21/5/2014
Content
• Introduction
• Star and multiserver topology botnets
• Hierarchical topology botnets
• Random topology botnets
• Types of attacks
• Famous botnets through history
• Summary
Intro - terms
• BOT or „zombie“: short for roBOT
• NET: short for interNET
• Botnet: a lot of infected computers
• Bot Herder or „bot master“: can control the botnet remotely
• C&C Server: command-and-control centre for botnet managing
Star and multiserver topology
Hierarchical topology
Random topology
Types of attacks
• Distributed denial-of-service (DDoS)
• Adware advertises
• Spyware
• E-mail
• Click fraud
• Fast flux
• Brute-forcing remote machines services
• Worms
• Scareware
• Exploiting systems
Famous botnets through history
• 2001 – First Botnet (http://www.bizjournals.com/atlanta/stories/2002/07/22/story4.html?page=all)
• 2005 Torpig
• 2006 Virut
• 2007 Zeus – one of the biggest (compromised U.S. computers: 3.6 million)
• 2007 Storm
• 2008 Conficker
• 2008 Grum
• 2008 Lethic
• 2008 Mariposa
• 2009 SpyEye
• 2010 Waledac
• 2011 ZeroAccess
• 2012 FlashFake (Mac OS X)
• 2012 Jeef
• 2012 Smoke
Summary
• Botnets are a serious problem today
– Malware as a Service
• Bleak future awaiting us
– Mobile botnets on the rise
– Internet of Things botnets
IoT Botnet
Internet of Things botnets
In December 2013 a researcher at Proofpoint noticed that hundreds of thousands of malicious emails logged through a security gateway had originated from a botnet that included not only computers but also other devices – including a SmartTV, a refrigerator and other household appliances.
IoT worm used to mine cryptocurrency – worm Linux.Darlloz
http://www.symantec.com/connect/blogs/iot-worm-used-mine-cryptocurrency
Infecting DVRs with Bitcoin-mining malware even easier than you suspected
http://arstechnica.com/security/2014/05/infecting-dvrs-with-bitcoin-mining-malware-even-easier-you-suspected/
QUESTIONS?