|
botnets
|
View this Thread in Original format
| VAR |
Botnets – the dark side of the Internet
If your PC seems to have developed a mind of its own, and your Internet connection is often overloaded for no apparent reason, then you have probably caught a special type of Trojan. Inventive Malware programmers often control hundreds, and sometimes thousands, of computers with their software pests. These are known as Botnets and this article explains what exactly these are, what risks they present, and how you can protect yourself from them.
The tem "Trojan" from Greek mythology represents the same principle in the computer world as the large wooden horse in the mythological story. In this case we are not describing soldiers who want to overcome unscalable walls but rather Malware that wants to hide within the operating system of your computer. In Troy, the residents could not resist the temptation and pulled the wooden horse into the city. The software equivalent also pretends to have a different purpose, in order to convince you to run a program. The temptation is often in the form of pornographic content, illegally copied software, or a dubious email attachment. However, supposed naked pictures of female pop stars can often conceal a Trojan that can take control of your computer after being run only once.
There are basically two types of Trojan. While previous infections usually only affected single computers, increasing numbers of increasingly fast Internet connections have led to the development of new Trojans capable of rapidly infecting hundreds or thousands of computers and which often achieve this target through the naivety and lack of caution of the users. Examples of this type of Trojan are Phatbot, Agobot, SDBot or RxBot, and innumerable derivatives of these. Attentive readers may have noticed the "-bot" ending used in this article, especially in the title. The tem "Bot" describes a computer infected with a Trojan that unquestioningly accepts commands from someone else than the actual owner.
As already described, suitable victims are sadly all too easy to find, resulting in not just a single infected system but an entire network of infected computers. In technical jargon, these are called "Botnets" (roBOT NETworks). Botnets are virtual networks of infected systems that receive commands from a server in different ways, depending on their type. IRC is most often used as the communications medium. IRC is a Chat protocol, the so-called Internet Relay Chat. IRC is a pure real-time communications protocol and is harmless in itself, however it now has a somewhat negative reputation as a result of its use by Botnets. Communication under IRC occurs using Channels, in a similar manner to radio.
Additional components are often downloaded to an infected computer once it has logged-in to its pre-defined IRC server. These extra components can include mechanisms for camouflage, for switching off Malware scanners, or other virus-like modules. Once fully installed, the Bots then follow the commands of the Botnet owner - usually beginning with the search for new victims.
Bots do not always spread through the careless behavior of PC owners, but also among each other. This is done by exploiting weak points in the operating system or in specific applications and this is no longer a problem exclusive to Windows. The main focus is still clearly on Windows systems but the risks of becoming part of a Botnet are also increasing for (e.g.) Linux hosts. Linux servers with an installed IRC server can be compromised and the IRC server used as the core element of a Botnet
The potential dangers
Unfortunately, the prevalent opinion of most users seems to be that it does not matter if the home PC is infected with Malware or not - as long as it seems to continue operating properly. These users usually never even consider the fact that other users may be damaged by this and that the owner of the computer is an accomplice to the crime without realizing it. Malware was previously programmed to illustrate the capabilities of the author. Paradoxically, very malicious and effective Malware is usually exceptionally well and efficiently programmed - after all, it should remain undetected and not fall victim to the security software.
However, the massive growth of the Internet has provided new sources of income for Malware programmers. This relates not only to the illegal distribution of the pest but to much more criminal intentions of providing income for the Botnet operators. The possibilities are worrying and combined with the lack of protection and the lack of caution shown by many users this is a very threatening situation. For example, the "owner" of a Botnet can carry out one or more of the following actions:
* Every infected PC can be used as a Proxy Server for criminal activities while hiding the perpetrator. Hackers can initiate an attack from other computers under their control rather than from their own computer.
* Infected PCs can be used for downloading and distributing illegal material such as child pornography, Warez, films, music, etc. without the knowledge of the owner. However, the owner is legally responsible for these activities.
* Bots are also usually equipped with Keyloggers that record personal data, such as credit card numbers and passwords, and send this data to the Botnet owner.
* Every infected system can infect other systems.
* Botnets are also often used for blackmailing particular Website operators or even entire Providers. If several hundred or thousand computers access the same Website using their full Internet connection speed, then this usually overloads and crashes the Provider Website. This type of crash can result in a loss of income or even bring the affected company to a standstill. The operator then has no other option than to pay the blackmailer the amount demanded. The operator has no way of defending themselves against this type of attack and identification of the attacker is usually impossible.
* Last but not least, Botnets are often used for sending Spam. The email programs of the infected computer usually contain large numbers of email addresses, which are then bombarded with new pests and also unwanted advertising emails. In the first case, the Botnet operators receive new Bots in their Botnet, and in the second case they receive cash from their customers - often sellers of online potency drugs or fake brand-name products such as watches.
While reading this article, we hope that you are not thinking "this does not really affect me". Most PC owners do not realize that their computer is infected. This is logical – you are not supposed to notice this type of infection. If we believe a report from the BBC, then 100 to 150 million of the 600 million Internet PCs worldwide are infected with Bots - about one quarter of all Internet PCs. We wish to explicitly repeat the fact that the abovementioned activities are all highly illegal and that the owner of the system carries the full responsibility for these activities. This brings to mind the well-known phrase – "Ignorance is not an excuse".
from; http://www.emsisoft.com/en/kb/articles/tec070503/ |
|
|
| beats and beeps |
oh yeah i totally just read that whole thing.
you're trying my attention span more than josh 4 |
|
|
| SuspicionVandit |
| quote: | Originally posted by VAR
"Ignorance is not an excuse". |
true story.
in other news, the bots in the upcoming Unreal Tournament III game are orchestrating to develop SkyNet.
| quote: | hen you're in for a treat. They've put a load of budget into the artificial intelligence development for this game. The quality of the AI can be best summed up by a quote from Epic's Steve Polge.
quote:
When I first got the Darkwalker up and running, I was really surprised to see bots jump in and start really effectively sowing destruction and navigating around with it, even though I hadn't written any custom AI for the vehicle, and it had very different attributes than any other vehicle in the game. There have also been quite a few cases during development of what seemed like bots cheating turning out to be bots effectively exploiting bugs in the game.
Hear that? BOTS WERE FINDING EXPLOITS AND... USING THEM! |
possibly to create their own BotNets?????!!!!!! |
|
|
| VAR |
no, not trying your attention span- but yeah, that is a long article.
just trying to make people more aware. |
|
|
|
|
