Botnets

 Botnets 

DISCLAIMER 

Do not attempt to create a botnet under any circumstances. They are highly illegal and against the Computer Misuse Act. 

What is a botnet? 

A botnet is a collection of computers that have been infected with malware. These computers are controlled by a hacker to send attacks against servers. Botnets are highly effective due to the sheer number of machines launching attacks on the server. 

Examples of botnet attacks 

    • Mirai Botnet (2016): One of the most notorious botnet attacks, the Mirai botnet infected hundreds of thousands of IoT (Internet of Things) devices, such as cameras and routers, by exploiting weak or default passwords. It was used to launch massive Distributed Denial of Service (DDoS) attacks, including one that targeted Dyn, a major DNS provider, causing widespread internet outages across the United States. 
    • WannaCry Ransomware (2017): While not a traditional botnet, WannaCry utilized a worm-like capability to spread rapidly across networks, infecting hundreds of thousands of computers worldwide. It exploited a vulnerability in Windows SMB (Server Message Block) protocol to encrypt files and demanded ransom payments in Bitcoin. Though its propagation wasn't solely based on botnet techniques, it demonstrated the potential for widespread disruption through automated propagation. 
    • Satori Botnet (2017): Satori, also known as Okiru, targeted IoT devices like routers and security cameras, similar to Mirai. It quickly infected thousands of devices and was used to launch DDoS attacks, exploit vulnerabilities, and even mine cryptocurrencies using the processing power of compromised devices. 
    • Marai Variant Attacks (2018): After the original Mirai source code was leaked online, numerous variants emerged, each with its improvements and targets. These variants continued to exploit IoT device vulnerabilities, leading to numerous DDoS attacks and disruptions across various industries. 
    • Emotet Botnet (2019 - 2021): Emotet started as a banking trojan but evolved into one of the most sophisticated and widely distributed malware families. It primarily spread through malicious email attachments and links, infecting endpoints and turning them into bots. Emotet was often used as a payload delivery system for other malware, including ransomware and information stealers. 

Comments

Post a Comment

Popular posts from this blog

OSA Assignment 1 - Task 3 GUIDE

Image
  OSA Assignment 1 – Task 3 Guide     Exam parameters   Time length – 5 hours (2x 2 ½ sessions)   Marks available – 28     Task 3: Design – Communication Equipment   In this task you are required to submit :   A technical proposal covering the switches, wireless infrastructure and specifications   Justification of planned network architecture and considerations for security, resilience, performance and redundancy   Evidence print screens   Annotated floor plan/network diagram     Technical Proposal   The technical proposal in task 3 follows a similar format as task 2. It's another large document detailing the requirements and recommendations for the company. In task 3, however , it should discuss communication and other digital equipment such as switches, CCTV and APs.   You should recommend multiple hardware solutions and justify between them.   Here are some examples of tables and information ...
Read more

OSA Assignment 1 - Task 1 GUIDE

  OSA Assignment 1 – Task 1 Guide     Exam parameters   Time length – 3 hours   Marks available – 20     Task 1: Planning   In this task you are required to submit :   A project plan   Gantt chart showing th e critical path   Explanation of legal requirements   Physical and digital threat countermeasures   Annotated floor plan     Gantt Chart   The Gantt Chart is the first document you should create. This details each phase of the project alongside the timescale to complete it.   Ensure you make a note of the deadline for the project along with any pre-requisites such as cabling. This should all be implemented into your Gantt Chart.   You can follow a layout like this:   Project:   Pre considerations (Gathering project timescale, risk assessments, ...)   Planning (Devising project plan, identifying budget, ...)   Design (Research hardware, identify topology, ...)   Pre ...
Read more

OSA Summer 2023 Mock - Task 1, Assignment 1

Image
  OSA Summer 2023 Mock – Task 1           Legal requirements   The company must ensure they are compliant with the correct legislation whilst the project is undertaken.   If any person is working at height, the correct safety measures to prevent injury or death must be imposed under The Work at Height Regulations 2005. They must have an appropriate safety harness on and hazardous areas at height should be i dentified in the risk assessment.   By storing data internally on a local file server, the business is responsible for maintaining the confidentiality, availability and integrity of that data. They must comply with The Data Protection Act 2018 and General Data Protection Regulations.   Display screen equipment regulations (DSE) should be considered when installing workstations. Ergonomic and posture-friendly chairs should be installed and employees given appropriate breaks from working around screens.     Data p...
Read more