Botnets
Well, there's a good article on botnets, and how they work here. I had an argument in Chicago this summer with a friend who couldn't see the point in them. I hope this article will effectively articulate the danger, and fun, of such nets.
Simply put, a botnet is a network of computers that run software to allow another person to control them. Some call them zombies, for good reason. The software that's run can be anything. It can view your screen, make you download programs, turn on your webcam. Anything that the creator wants.
Now, what's the point of these botnets?
Originally they were just used for Denial of Service (DoS) attacks, specifically Distributed Denial of Service (DDoS) attacks. A DoS attack, in lay terms, is where you load a webpage so many times the server catches on fire. Well, very rarely, though I have heard of boxes smoking from too many hits. But either way, the website goes down. Very bad for business for eCommerce websites. A DDoS attack simply spreads out the attackers. A DoS attack slows down the attacker's computer as well, so it works both ways. A DDoS attack uses hundreds, or thousands, of computers to attack. Instead of each sending a million requests, each might send 10 or 15 in a short amount of time. If the timing is correct, then with very little hit to computing power, the same effect is realized.
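Why a per-source rate limit misses the distributed case described above, shown as an added example that is not from the original post: constructed request events are bucketed into time windows and checked both per source and in aggregate. The window size, both thresholds and all addresses are assumed values.

```python
from collections import Counter, defaultdict

WINDOW = 10          # seconds per bucket (assumed)
PER_IP_LIMIT = 100   # requests allowed per source per window (assumed)
TOTAL_LIMIT = 1000   # requests allowed per window across all sources (assumed)


def classify_windows(events, window=WINDOW, per_ip_limit=PER_IP_LIMIT,
                     total_limit=TOTAL_LIMIT):
    """events: iterable of (unix_seconds, source_ip). Returns {bucket: verdict}."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[int(ts) // window][ip] += 1

    verdicts = {}
    for bucket, per_ip in sorted(buckets.items()):
        total = sum(per_ip.values())
        noisy = sorted(ip for ip, n in per_ip.items() if n > per_ip_limit)
        if noisy:
            # Classic DoS: one source trips the per-IP limit on its own.
            verdicts[bucket] = ("single-source", noisy)
        elif total > total_limit:
            # DDoS shape: every source stays under the per-IP limit,
            # but the aggregate does not.
            verdicts[bucket] = ("distributed", len(per_ip))
        else:
            verdicts[bucket] = ("normal", len(per_ip))
    return verdicts


def constructed_events():
    """Constructed sample traffic: quiet, one loud source, many quiet sources."""
    events = []
    for i in range(20):                      # bucket 0: 20 sources x 2 requests
        events += [(1 + j, f"198.51.100.{i}") for j in range(2)]
    # bucket 1: one source x 500 requests
    events += [(10 + j % 10, "203.0.113.7") for j in range(500)]
    for i in range(300):                     # bucket 2: 300 sources x 12 requests
        ip = f"10.0.{i // 250}.{i % 250}"
        events += [(20 + j % 10, ip) for j in range(12)]
    return events


if __name__ == "__main__":
    for bucket, verdict in classify_windows(constructed_events()).items():
        print(bucket, verdict)
```

In the third window no source sends more than 12 requests, so only the aggregate check fires.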
While destructive, a botnet used for a DDoS attack is not that great. Sure, you take someone off the web... who cares? It might be one website, it might be ten. They can recover. The new trick is using these botnets for whatever nefarious deeds you want. Installing trojans (the bots) that you can talk to. Many viruses join IRC chat rooms in order to receive instructions. So, instead of having one purpose, these bots are multi-talented.
What can you do with a bot?
- You can download adware and spyware. Adware companies typically pay a few cents per computer the adware is installed on. For a few computers, not worth it. For a small botnet (10,000 computers), all of a sudden it's worth it.
- You can steal credentials. Many people keep their credit card numbers stored in their browser; this is real easy to get to. If only 5% of the people do (a low estimate, believe me) then you can get 500 people from the aforementioned small botnet. Now, you can use each card just once, and get 500 free items. Or, sell to the highest bidder. Or, if you're organized crime, just wait until you need it.
- You can sell the computers. A lot of botnet operators "rent" their nets to others for the above deeds. Quite handy, renting something you don't own for whatever price you want.
- Anything you can do on a normal computer, the bot can do for you. Such as turn on a webcam (amateur porn, without having to pay the actor), chat (thanks windows messenger), take screenshots (blackmail), browse the files on disc (blackmail, obtain: stored passwords, credentials, credit card numbers, tax returns, whatever you want). Fun stuff can be had, all the way from harassing someone who pissed you off in second grade all the way to mass credit card fraud and beyond.
Now, the main thing my friend had trouble believing is that it's worth it to root machines and set up these nets. He couldn't see the monetary gain in such an endeavour. Well, if you read the article (it's good, so do the whole thing) you'll see this *one* botnet operator could pull in $10,000 a month. As a high school dropout. If he was connected to organized crime, or even just sold some of the stuff he pulled off the computers (he says he doesn't because it's too risky) that could go much higher. Easily $100 grand a year if you were smart. For working an hour a day (at most).
Now, I mention the organized crime for one very good reason. Covering up your tracks. If someone were to have connections in the government of a country, or police force high up, they could easily get away with all this. Even after bribes, you could rake in the money. So, I argue that if you do it right, you can get away with being a botnet operator. However, doing it right is where it's tricky. Many get away with it, in fact most get away with it. However, if you were to move somewhere where the Internet laws aren't strict, which is not friendly to the US, you could make a great living.
So, yes, that was a *very* quick and dirty overview of botnets, but I hope people see how lucrative they can be. Also, the fun aspect, which I didn't get into.
Imagine a game, if you will... which had every player's computer part of the botnet. Each player's goal was to eliminate the other players, in some fashion. Or as a new type of IM client. Each person ran their own server, and you just directly connected to your friends. Or file sharing. Or "new" Internet.
I'm gonna be playing with the above possibilities for a while. See what I can come up with.
February 28th, 2006 at 8:25 pm
You left out a big thing botnets are used for: spam. Look at the IP addresses you get spammed from (including web forums, if you have admin access to any). A significant percentage of the spam you get comes from cracked Windows machines sitting in a dorm room or den.
March 1st, 2006 at 8:53 am
Heh, I definitely meant to include spam. Dunno why it wasn’t in there. But yea, you’re absolutely right. And that’s one of the main reasons many ways to defeat spam (pricing functions, etc) fail. Distributed computing makes it too easy for them to send.