Bots and Botnet


Bots and botnets are the biggest threat on the internet. Various attacks have been launched using them.

Published in: Education

  1. Bot and Botnets. By: Sitanshu Dubey, Security analyst and researcher, Hicube Infosec Pvt. Ltd. E-mail:
  2. Session Flow
     • Introduction
     • Type of Attacks
     • History of Botnet
     • Type of Botnet
     • Working
     • Some Stats
     • Prevention
     • Conclusion
  3. Introduction
     • Bots: "Bot" is short for "robot", a program that works on commands given by its administrator. Here, bots refer to malware-infected computers that are controlled by a hacker.
  4. Introduction
     • Botnet: A botnet is a network of infected computers that works on commands issued by attackers. OR: a botnet is a group of bots controlled by an attacker.
  5. Type of Attacks
     • DDoS attacks
     • Spamming
     • Key logging
     • Identity theft
     • Phishing
     • Click fraud
     • Distribution of malware (spyware/adware)
  6. History of Botnet
     • Originally used in IRC as a way to allow automated tasks to be done.
     • Eventually evolved into a way to automate malicious tasks.
     • Started with DoS/DDoS against servers: TFN, stacheldraht, trinoo (1999).
  7. Types of Botnet
     • IRC-based botnet
     • HTTP-based botnet
     • P2P-based botnet
  8. Working
     1. A worm/Trojan program that is usually transmitted through spam.
  9. Working
     1. A worm/Trojan program that is usually transmitted through spam.
     2. The bot connects to the IRC C&C channel.
  10. Working
     3. The botmaster sends commands through the IRC C&C channel to the bots.
  11. Working
     4. Repeat. Soon the botmaster has an army of bots to control from a single point.
  12. Some Stats
     • DDoS attack on an Asian e-commerce company in Nov. 2011.
     • According to security company Prolexic, it was the largest DDoS attack of 2011.
     • The 15,000 requests per second were performed by a botnet of 250,000 PCs in total, which together peaked at 45 Gbps of DDoS traffic.
  13. Some Stats
     • The DDoS attack was launched against Spamhaus, an organization that stops spam emails from getting to people's inboxes, apparently by one or more of the groups whose spam was being targeted, on 26 March 2013.
     • It is the biggest cyber threat to date.
  14. Examples. Some popular loaders are:
     • Zeus Bot (HTTP based)
     • VertexNet (HTTP based)
     • SpyEye (HTTP based)
     • GT Bot (IRC based)
  15. Prevention
     • Use anti-virus and anti-spyware software and keep it up to date.
     • Use a firewall to protect your computer from hacking attacks while it is connected to the Internet.
     • Set your operating system software to download and install security patches automatically.
     • Be cautious about opening any attachments or downloading files from emails you receive.
  16. Conclusion
     • The attacker remains anonymous and hard to trace.
     • Used in many malicious activities.
     • It is the biggest threat on the internet.
     • Works automatically and autonomously.
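
The IRC C&C pattern in the "Working" slides (many infected hosts joining one channel on an outside server) leaves a recognisable trace in network sensor logs. The Python code below is an added example, not part of the original slides; the log format, the addresses, the 10.0.0.0/8 internal range and the function name `shared_channels` are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumption: the monitored network is 10.0.0.0/8.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")

# Constructed sensor records (not real traffic):
# timestamp, client IP, server IP:port, IRC line sent by the client.
SAMPLE_LOG = """\
2024-01-01T10:00:01 10.0.0.11 203.0.113.5:6667 JOIN #updates
2024-01-01T10:00:03 10.0.0.12 203.0.113.5:6667 JOIN #updates
2024-01-01T10:00:04 10.0.0.13 203.0.113.5:6667 JOIN #updates
2024-01-01T10:00:09 10.0.0.11 203.0.113.5:6667 PING :keepalive
2024-01-01T10:02:00 10.0.0.40 198.51.100.7:8080 JOIN #Ops,#lobby
2024-01-01T10:02:30 10.0.0.41 198.51.100.7:8080 join #ops secretkey
2024-01-01T10:03:00 10.0.0.50 192.0.2.9:6667 JOIN #python
2024-01-01T10:03:10 10.0.0.50 192.0.2.9:6667 JOIN #python
2024-01-01T10:04:00 10.0.0.60 10.0.0.2:6667 JOIN #helpdesk
2024-01-01T10:04:05 10.0.0.61 10.0.0.2:6667 JOIN #helpdesk
malformed line
"""

# Match on the IRC JOIN command itself, so a server on a non-standard port is still seen.
JOIN_LINE = re.compile(r"^\S+\s+(\S+)\s+(\S+):(\d+)\s+JOIN\s+(\S+)", re.IGNORECASE)


def shared_channels(log, min_hosts=3):
    """Return {(server, port, channel): [internal hosts]} for external IRC
    channels joined by at least min_hosts distinct internal hosts."""
    members = defaultdict(set)
    for line in log.splitlines():
        m = JOIN_LINE.match(line)
        if not m:
            continue  # not a JOIN, or a malformed record
        src, dst, port, channels = m.groups()
        try:
            if ipaddress.ip_address(src) not in INTERNAL:
                continue  # only count hosts we are responsible for
            if ipaddress.ip_address(dst) in INTERNAL:
                continue  # internal IRC server, not an outside control point
        except ValueError:
            continue  # address field did not parse
        for chan in channels.split(","):  # one JOIN may list several channels
            members[(dst, int(port), chan.lower())].add(src)
    return {k: sorted(v) for k, v in members.items() if len(v) >= min_hosts}


if __name__ == "__main__":
    for (server, port, chan), hosts in shared_channels(SAMPLE_LOG).items():
        print(f"{server}:{port} {chan} joined by {len(hosts)} internal hosts: {hosts}")
```

A hit is a lead for investigation, not proof of infection: legitimate teams also share IRC channels, so the threshold and any allow-list of known servers need tuning per network.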