Saturday, 21 February 2009

"Short" about BotNets

Hello folks.

I want to start off by saying thanks to Vindicated from MMOwned for giving me the idea for this subject / topic. Then, I would like to say that I have only been researching this for 10 minutes, and therefore there could be errors in my explanations.
Hope you'll understand what I'm saying anyway.


What is a botnet?
A botnet is a term for a lot of computers connected to a network - mostly an IRC network. But they're not just normal computers - they're "zombie computers". Zombie computers are computers that have been infected by a hacker, so that the hacker has control of the PC.


Why's that dangerous?
Because he's using the computers to send mails out to everyone - via the IRC network. Remember, the PCs are connected to the same IRC network, and on the IRC network there's a bot that is controlled by the hacker. An example: the hacker could just write "!sendmail" in his IRC client, and the IRC bot will do the rest for him - it'll send out mails from the zombie computers to everyone on the mailing list (the mailing list is typically stored on some web server).

I don't get it.
Of course not. The emails being sent out include viruses: trojans, worms, keyloggers, password stealers, everything. When people open these applications, their computer turns into a zombie computer. They won't notice it, and their anti-virus will not report it, since the viruses being sent are homemade and therefore not detected by any anti-virus. The infected person will now be connected to the botnet.

Oh.. But, what's the point of it?
The hacker has control of his botnet now. He can go to any underground selling site, like unkn0wn.ws, and sell the logs that the IRC bot creates. Let's say that these logs contain credit card information, passwords for everything, personal information and so on. The hacker can then sell his logs for something around 1500£, if it's a big botnet of course. The cool thing is that it's a really good business for the bot-herder (botnet controller).

How do I protect myself from these emails?
Just use common sense. You can of course be unlucky: one of your very trusted friends has been infected, you think "Nah, he / she won't be doing that..", and then you get infected. Therefore, you should always check for yourself on some analysis site. I can't remember the site that I use, but yeah well...
Usually I don't get mails with links for anything - but ..
If the mail says: "Look at those awesome pictures from my holiday!" and there's an EXE included, you probably shouldn't open it. I don't want to explain why, if you don't get what I mean.
Or - if you know that the person hasn't been on holiday .. Or you can write back and ask whether it really IS the person. As far as I know, the IRC bot doesn't have an AI..
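
The attachment check described above, as an added example (not part of the original post): a Python sketch that parses a mail and flags attachments that are Windows programs, either by file extension or by the "MZ" header at the start of the content. The extension list, the function names and the sample mail are constructed for illustration.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Extensions Windows runs directly (illustrative list, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js", ".lnk"}

def risky_attachments(raw_bytes):
    """Return [(filename, reason)] for attachments that look like programs."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        # Windows ignores trailing dots and spaces, so "pic.exe." still runs.
        ext = os.path.splitext(name.lower().rstrip(". "))[1]
        payload = part.get_payload(decode=True) or b""
        if ext in EXECUTABLE_EXTS:
            # Only the LAST extension counts: holiday.jpg.exe is a program.
            findings.append((name, "executable extension " + ext))
        elif payload[:2] == b"MZ":
            # DOS/PE header: a Windows program whatever the file is called.
            findings.append((name, "content starts with MZ (Windows executable)"))
    return findings

def build_sample():
    """Constructed sample: the 'holiday pictures' mail with disguised programs."""
    msg = EmailMessage()
    msg["From"] = "friend@example.com"
    msg["To"] = "you@example.com"
    msg["Subject"] = "Look at those awesome pictures from my holiday!"
    msg.set_content("See attached :)")
    fake_exe = b"MZ\x90\x00" + b"\x00" * 60   # constructed bytes, not a real program
    real_jpg = b"\xff\xd8\xff\xe0" + b"\x00" * 16
    msg.add_attachment(fake_exe, maintype="application",
                       subtype="octet-stream", filename="holiday.jpg.exe")
    msg.add_attachment(real_jpg, maintype="image", subtype="jpeg",
                       filename="beach.jpg")
    msg.add_attachment(fake_exe, maintype="image", subtype="jpeg",
                       filename="sunset.jpg")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in risky_attachments(build_sample()):
        print(f"BLOCK {name}: {reason}")
```

A clean result here only means no attachment is an obvious program; it says nothing about links in the mail or about documents that carry their own code.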


Final notes
But yeah, you should really take care out there. There are some unknown botnets out there, and some VERY private ones that no one knows. I've been tricked into a botnet once. Had to buy a new PC, because I got infected by multiple things. Not just one virus ..
But yeah, basically, a botnet is a network of computers connected to the same IRC server. From the server, the botnet controller (bot-herder) can control the computers totally, without the computer owner noticing it.

Ask if you don't get something.

- Pvpede
