If you’re not aware of it, bots on the internet have seen a massive increase in recent years. Let me step back a second to help lay some groundwork. Most people haven’t heard about bots, botnets, bot controllers, bot herders, etc. I was floored when I started looking into the ins and outs of bots. It’s not that I didn’t know about computer exploitation and its ilk. It’s just that I didn’t understand the enormity of the issue and just how damaging it is.
In a white paper entitled “Killing Botnets: A View from the Trenches,” Ken Baylor and Chris Brown of McAfee talk about a recent botnet attack on a Central American telco provider that crippled that nation’s telco infrastructure. To understand how that could happen, you need to understand exactly how a botnet works. And that all starts with bot herders. Bot herders have machines that actively sweep the internet looking for current exploits, the kind that will allow them to take over a machine. Once an exploitable machine is found, the bot herder’s exploit sweepers install a program on the victim computer that calls back to servers with setup code. That setup code connects the victim computer to an IRC channel, usually on port 6667, which allows the victim computer to take commands from the bot herder. This computer has now joined the ranks of the bot herder’s army of controlled machines. And this computer could be yours.
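The callback to a shared IRC channel on port 6667 described above is something a defender can look for in network flow logs. The following Python code is an added example, not part of the original post: it flags external servers that several internal machines dial on TCP 6667. The log format, the 10.0.0.0/8 internal range, the function names and the sample records are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

IRC_PORT = 6667  # port the post names as the usual IRC command channel
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range

# Constructed sample records: timestamp, source IP, dest IP, dest port, protocol
SAMPLE_FLOWS = """\
2024-01-01T10:00:01 10.0.0.15 203.0.113.50 6667 tcp
2024-01-01T10:00:03 10.0.0.22 203.0.113.50 6667 tcp
2024-01-01T10:00:04 10.0.0.15 198.51.100.7 443 tcp
2024-01-01T10:00:09 10.0.0.31 203.0.113.50 6667 tcp
2024-01-01T10:00:12 10.0.0.40 198.51.100.99 6667 tcp
2024-01-01T10:00:15 203.0.113.9 10.0.0.5 6667 tcp
2024-01-01T10:00:20 10.0.0.22 203.0.113.50 6667 tcp
malformed line here
"""

def parse_flow(line):
    """Return (src, dst, dport, proto), or None for a malformed record."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        src = ipaddress.ip_address(parts[1])
        dst = ipaddress.ip_address(parts[2])
        dport = int(parts[3])
    except ValueError:
        return None
    return src, dst, dport, parts[4].lower()

def irc_callbacks(log_text, port=IRC_PORT):
    """Map each external server to the internal hosts that dialed it on port."""
    servers = defaultdict(set)
    for line in log_text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue
        src, dst, dport, proto = flow
        # Outbound only: internal source calling an external destination.
        outbound = src in INTERNAL_NET and dst not in INTERNAL_NET
        if outbound and proto == "tcp" and dport == port:
            servers[str(dst)].add(str(src))
    return servers

def suspected_controllers(log_text, min_hosts=2):
    """Servers reached by several internal hosts: the shared-channel pattern."""
    hits = irc_callbacks(log_text)
    return {d: sorted(h) for d, h in hits.items() if len(h) >= min_hosts}
```

A single host talking to an IRC server may be an ordinary chat client, which is why the check keys on several internal machines sharing one external server; a command channel moved to another port would need a different signal.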
Just think for a moment what power the bot herder could wield if they had thousands or tens of thousands of these bots at their disposal. Well, you could cripple a nation’s telco infrastructure. And that is exactly what happened in Central America earlier this year. That is a big problem for you and me. But the fun doesn’t end there. Many times these bots are actively used for spam purposes – email, blog comments, etc. And they are used in phishing scams all the time. The end game is money. And the means are completely illegal. This can lead to identity theft, fraudulent ad click schemes, etc. This type of thing is big business and, as such, it isn’t going away any time soon. And we shouldn’t be surprised to know that organized crime is heavily linked to these types of activities.