Zombies and Botnets

Network of compromised computers or devices controlled remotely by malicious actors
The attacker who controls the botnet will be able to use the Processing, Memory, Storage, and Networking capabilities of your system without your consent.
Each botnet is made up of hundreds-millions of Zombies

Name of a compromised computer or device that is part of a botnet
Used to perform tasks using remote commands from the attacker without the user's knowledge

Computer responsible for managing and coordinating the activities of other nodes or devices within a network
If your system is now a zombie, it will now be under the control of the attacker, which can use a Command and Control Node, known as a C2 node, to control all the zombies inside of their specific botnet.
The attacker can then tell the zombies to perform lots of different things, including using zombies as pivot points so they can get access to a new victim, or if they're attacking a server, they can access it through your computer to make it look like you are the one performing the attack

as pivot points
disguise the real attacker
to host illegal activities
- Thousands of machines sharing illegal content without the Control Node being exposed
to spam others by sending out phishing campaigns and other malware

Most common use for a botnet is to conduct a DDoS (Distributed Denial-of-Service) attack
Distributed Denial-of-Service DDoS Attacks
- Occurs when many machines target a single victim and attack them at the exact same time
- Forces your web server online, your server cannot handle that many users at the same time!
Mining cryptocurripngcing in the background without your knowledge or consent.
Botnets are used by attackers to combine processing power to break through different types of encryption schemes
Attackers usually only use about 20-25% of any zombie’s power
- So that it takes you a little bit longer to detect that
- Otherwise you will start looking for the cause