Bots, Botnets, Battlestar Galactica

andershornor

Anders Hornor

Posted on April 16, 2019

Bots, Botnets, Battlestar Galactica

Maybe your email is overloaded with spam or maybe your website has been clogged by a massive influx in obscure maybe faulty traffic or maybe you've googled something in all of these cases you've interacted with a bot or botnet and not known it.

What is a bot?

A WWW robot, also know as an online robot and more colloquially known as a bot is an autonomous program that coopts the functionality of a computer to complete generally repetitive tasks in fractions of the amount of time it would take a human to complete. Kind of like a dishwasher for dishes or a nail gun for nailing things in or maybe a laundry machine for laundering things. Much like all of the mentioned appliances a bot is directed to complete a task and does all of the hard work in a fraction of the time. Well sometimes laundry machines take longer than I think it’d take me to wash clothes but I have never legitimately hand-washed clothes so what can I say also its beside the point.
So how does a bot work? Well much like a dish washer. It has spinning blades with tiny holes on them that fill with water and spray water all over soapy dishes then heat up the water with a heating coil and then drain the water and blow air through the spinning blades to dry off all the dishes. In the case of a bot the dishes don’t exist and the spinning blades don’t exists and there is no cleaning going on or water anywhere for the most part. So it's like a dish washer but with none of its parts….Alright so a dish washer is like a bot . well that’s not it either. So bots and dish washers are both programmed to do a certain thing. In the case of a bot it’s a program that’s been designed to complete a task after a certain set of circumstances are met or to continually do a specific thing until its told otherwise or it completes what it is doing.
I cant say why but I’m running with this washing machine metaphor. I mean it kind of works. Anyway much like a washing machine and how pushing some buttons turns on the washing machine typing some code initiates a bots function, a command is given and then from there some prior programming sets the washing machine in motion and the bot doing its repetitive task. As opposed to most bots depending on which buttons you press it sprays water at a certain time and it spins a certain speed and switches to cold water after a certain time and then turns heat on at a certain time. A bot acts in a similar way but generally with less adaptability. Its prior programming or input from an owner sets it to perform a specific task. Its basically a program that performs functions similar to what a human would do. 
 Unlike washing machines bots come in many flavors they are more like all the different appliances in your house and some not in your house. They complete all different sorts of tasks but unlike most of the appliances in your house some of the tasks are helpful or harmless such as web crawling while others are rather malicious. In this way you can think of malicious bots as dismantling an appliance to use it as a booby trap or weapon or something else malicious. So bots are tools used to do repetitive tasks on the computer. Some of the tools are used for harm while others are used to help. Some helpful bots are web crawlers that creep around the web collecting information to help route people to things they would like to see. Others are used maliciously like spam bots to clog servers or spread malicious phishing emails.

What is a botnet?

As its name suggests a botnet is a network of bots that work independently and communicate remotely with a central organizing controller or owner. In the case of certain botnets the computers hosting the bots have been the victims of another attack. The victim’s computer has been zombimified (zombified?) by several different forms of hack. One such case of zombification is a Trojan horse virus which downloads the bot onto the victims computer. After being compromised the owner of the botnet then uses one of a few different methods to communicate with the bot to command and control(C&C) it. Some methods include Internet Relay Chat(IRC) or through access to specialized domains. These C&C techniques all allow a controller to communicate with the bot(s) on infected computers and direct them to enact generally malicious processes on the victims computer. An example of such would take the form of code resembling something like


ddos.phatwonk [host] [time] [delay] 


Or maybe something like

ddos.httpflood [url] [number] [referrer] [recursive = true||false]

Source

These malicious commands would be received by hundreds, thousands maybe even millions of infected computers and from there commit one of the more common botnet attacks on a server; a Distributed Denial-of-Service Attack(DDoS)

What are botnets used for?

While bots can be used for less malicious reasons as mentioned before (eg, web crawling for search engine databases) they are generally used for less reputable reasons or in highly malicious ways. Researches at Brown University in the US have coalesced a fairly comprehensive list of such tasks that malicious bots and botnets are used for.
“Attackers can use botnets to carry out an assortment of nasty tasks, such as: keystroke logging, sniffing traffic, sharing pornography, spewing spam and launching phishing attacks, using your computer to infect other systems, installing just about anything available on the Internet onto your computer, stealing passwords, scanning local area networks for vulnerabilities, distributing pirated media, exploiting vulnerabilities including “backdoors” left open by other worms and Trojans, supporting extortion by threatening DDoS attacks, and encrypting then holding your data hostage (called “ransomware”)”. source
Famous examples of some such attacks using different C&C techniques include spam bots like the Rustock Botnet, Mega-D Botnet, Srizbi Botnet all of which at one time individually contributed to 30% or more of all spam in the world. Namely the Srizbi botnet which after its destruction lead to a 93% decrease in spam worldwide….Like holy shit man that’s nuts. Anyway some other malicious DDoS bot include Nitol botnet or MrBlack Botnet. There are also some highly sophisticated botnets that are at this time still worming their way around the internet and known to be quite powerful such as the Storm botnet which has been used for many different malicious reasons such as DDoS attacks and email address stealing.

Conclusion?
In conclusion botnets are conglomerations of zombie computers that are controlled remotely to complete online tasks in fractions fo the amount of time that humans could. Generally malicious botnets have been spamming your computer since the damn of their existence and will most likely continue doing so long after you’re gone.

💖 💪 🙅 🚩
andershornor
Anders Hornor

Posted on April 16, 2019

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

REST API Security Essentials
apisecurity REST API Security Essentials

October 30, 2024