What is a botnet?
D2 · Threats · CompTIA Security+ SY0-701
A botnet is a network of internet-connected devices infected with malware and controlled remotely by an attacker (the "bot herder") via a C2 (Command and Control) server, without the device owners' knowledge.
Uses: DDoS attacks, spam campaigns, credential stuffing, cryptocurrency mining, ransomware distribution, proxy networks.
Infected devices are called bots or zombies. Modern botnets use P2P C2 to avoid single points of failure.
Botnets power DDoS attacks. The Mirai botnet (2016) used IoT devices to launch record DDoS attacks. IoT devices are popular botnet targets due to weak default credentials and no antivirus. Sinkholing (redirecting C2 traffic to researchers) disrupts botnets.