A Botnet is a collection of internet-connected devices which are compromised by the cybercriminals. It works as a force multiplier for the cybercriminals that are working individuals or in groups to target a system. It is widely used in DDoS attacks. As it has a large number of connected devices it has the ability to send a large volume of spam and spay on people and firms.
The cybercriminal infects a connected device by malware and builds a botnet on it. Once the attackers become successful in compromise a network or device on a network it becomes able to get access to the entire device connected to it.
Known active Botnet
Given below are some of the known active Botnet.
Mirai was the most active botnet in the second quarter of 2018. It is still growing and running. It has added a new feature which has the ability to turn infected devices into swam of proxies and malware.
The botnet allows the attackers to use infected device hardware to earn Bitcoin, Monero and other cryptocurrencies.
Reaper (a.k.a. IoTroop)
In 2017 a new Botnet was discovered by checkpoint researchers known as loTroop or reaper. This is more powerful than the marai, as it can compromise IoT devices and can take down the entire internet after the owner get it started.
Reaper can target at least nine different vulnerabilities from nearly a dozen different device makers. The attackers have the ability to update the botnet code to make it more damaging.
One of the latest types of Botnet is Echobot which was discovered in 2019. It is a Mirai which uses more than 26 exploits to expand itself. It exploits unpatched IoT devices and vulnerable enterprise applications.
Emotet, Gamut, and Necurs
These are three common types of the botnet that spew spam. The main purpose of these three botnets is to eject more spam at high volume to deliver malware or payload. Each has its own specialty to perform.
Emotet is used to steak emails from the mailboxes of the victims. These emails are used to craft malicious messages to fool the victims. It is also used to steal SMTP credentials, which is helpful in taking over the emails.
Gamut is specialized in spamming emails through which a relationship is created with the victims. They can use a different trick like dating or romancing or fraud job offers.
Necurs is used to deliver ransomware or other extortion attacks to a device. It was discovered in 2012 and hasn’t received any attention.