ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Botnets: Uses and Consequences

Updated on April 7, 2015

Published: November 5, 2011

Why should users be concerned if their computers are infected by rootkits and joined to botnets? The answer is the damage that their infected systems can do. There are myriads of harmful uses for botnets and bot-herders are not limited to a single type. The following list defines some of those uses:

  • Distributed Denial-of-Service Attacks
  • Spamming
  • Sniffing Traffic
  • Key logging
  • Spreading new malware
  • Installing Advertisement Add-on's and Browser Helper Objects (BHOs)
  • Google AdSense abuse
  • Attacking IRC Chat Networks
  • Manipulating online polls/games
  • Mass identity theft

Botnets are not limited to any one type of activity and participating bots may contain add-on Trojans as payloads, in fact; controlling botnets has grown into big-business.

The Business of Bots

Viruses evolved into worms or nefarious code that retain the ability to infect new hosts without the aid of users. The ability of these worms to seek out new hosts led to the inclusion of rootkits and botnet development. Schiller (2007) proposed some alarming questions that describe the current nature of botnets. These questions are as follow:

  • What if each PC infected by a worm remained under the control of the worm's author?
  • What if notoriety was no longer the driving force among hackers?
  • What if the purpose for writing worms drifted to making money?

The what if component in the above questions is no longer hypothetical; those states currently exist.

Botnet Underground

There are underground opportunities for bot-herders to accumulate large sums of money by performing the attacks listed in the previous section for hire. Some bot-herders create web sites dedicated to offering their services. Berinato (2007) reported that security researchers discovered a very large Eastern European e-Business website that charges clients to infect host computers and join those computers to a botnet.

This particular site, called loads.cc, is not alone; there are others. Many of these sites are located in countries with lax security control of their top level domains. The ccdomain is assigned to a territory of Australia but the loads.cc website is believed to originate out of Russia. A business model open to anyone that only charges 20 cents to infect a host, the business model of loads.cc, presents a number of security concerns: unsuspecting victims may own infected machines hosting dozens of bots, each connecting the host to a botnet.

Using the collections of infected computers, cybercriminals have gleaned enough personal data to continue identity-theft operations for many years. The economic impact of spamming operations is just as alarming. As stated by Spammer-X, (2004), spammers can easily send thousands of e-mails from different machines and the risk of these spammers being caught is very low when using botnets.

The interest from spammers became so great that hackers began to sell Botnets, and dealing in compromised machines became part of a secret underground virtual economy. …In the beginning the cost was high. For a 200 zombie botnet, a spammer or hacker could expect to pay up to $1,000.00, but as more worms propagated, the price dropped. Soon, exclusive control over 1000 hosts could be bought for as little as $500.00. Now, exclusive control over a single zombie can sell for as little as 10 cents! (Spammer-X, 2004).

That the business of botnets is exploding is a conclusion that cannot be denied. The number of intercepted botnet communications has grown from a daily figure of 333,023 in June of 2006 to a daily figure of 7,303,148 by January of 2008.

Consequences of Infection

Individuals and organizations are responsible for the activities originating from their computers. Although civil liability or criminal prosecution may be avoided if the activity can be linked to a system compromise, these consequences should be a concern to all computer users. According to Delio (2004), dozens of respondents to a news story claimed to have lost jobs or their good reputations when traces of pornography were found on their computers after being placed their, by a browser hijacker. The case of “Jack” provides a more detailed example:

A victim named Jack by Delio (2004) experienced uncontrollable browser hijacking as the result of a botnet infection. The re-directs often led Jack's browser to illegal porn sites. These sites appeared as pop-ups and closing one site resulted in opening up others. Jack's start page was changed and his favorites were changed to point to illegal porn sites. The only way to stop the activity was to turn off the computer. When Jack later tried to connect to the web, he was once again directed to illegal porn sites and pictures of child porn would display in pop-ups. The police finally raided Jack's house and confiscated his computer, which resulted in Jack spending 180 days in a correction's institution.

Jack’s case, although extreme, demonstrates the possible consequences to unsuspecting victims of Trojans and botnets but all users should remember that they are responsible for the traffic that flows across their Internet connections. Another overlooked consequence to the user is the unnecessary replacement of infected computers. "Newer machines feel old, so people end up buying new machines more often than they have to" (Acohido and Swartz, 2008).

Perhaps the greatest consequence of botnet infection is the effect on the communications infrastructure. “Says Adam O'Donnell, Cloudmark's director of emerging technology; Telecoms and Internet service providers must absorb the cost of carrying botnet traffic; they can be expected to pass that expense onto companies and consumers, he says” (Acohido and Swartz, 2008).

What are your thoughts?

As always, the author appreciates all comments.

Comments

    0 of 8192 characters used
    Post Comment

    • profile image

      fima 

      6 years ago

      There were 2 very serious articles, one from

      Homeland wire web site and another from Fox news web site.

      Both articles wrote about my criminal case of porn possession from

      2002 - 2004. They have links to article in Wired News 'Browser

      Hijackers Ruining lives' written after interview with me in 2004

      http://www.wired.com/techbiz/it/news/2004/05/63391

      You can read in article "Digital DNA the new DNA' in Homeland Security wire:

      http://www.homelandsecuritynewswire.com/dr20111129...

      ‘With the increasing ubiquity of computers, smart phones, and other

      electronic devices comes a torrent of "digital DNA," which can be used

      to record an individual's every move and even convict them of a crime’

      Also about my case:

      ‘In one case from 2002, an individual was sent to jail after police

      found pornographic images on his computer, but security experts later

      said law enforcement officials had mishandled the digital evidence.’

      I think this is very serious web site, and this is very serious accusations

      The experts explained that a “browser hijacker” could have been used

      to remotely plant the pornographic images on the suspect’s computer

      without their knowledge.

      There was also article in Fox News 'Fighting crime with digital DNA'

      There is also link to Wired article 'Browser Hijackers Ruining lives'

      When I was interviewed for this article in 2004 I provided full

      information about myself

      http://www.foxnews.com/scitech/2011/11/18/fighting...

      Fox news Editor Jeremy Kaplan wrote

      ‘Attorneys are very good at taking digital evidence out of context and then convincing a jury of the guilt of someone based on it

      In 2002, "Jack" was sent to jail after police found pornographic

      images on his home computer. Security experts later told Wired News

      that the digital data had been mishandled: They suggested it could

      have been put on his computer remotely through what's called a

      "browser hijacker" -- a malicious bit of software that changes browser

      settings and can easily be built to store data on a PC'

      You may understand that this is all very serious. Hennepin county law

      enforcements mishandled digital evidence in 2002-2004. And you may

      remember who was District Attorney in this county in 2002-2004: Amy

      Klobuchar, now US Senator.

      I do not understand why they published this 10 years later. I may tell

      you that I am still surprised at what degree law enforcements did not

      care about any evidence in 2002-2004. They just wanted to convict me.

      I just think if Fox News and Homeland Security Wire web sites wrote

      about this 10 years later, many others may be interested.

      In 2004 article 'Browser Hijackers ruining lives' was read by many

      millions of people in different countries. This is classical example

      of different kinds of misbehavior. Too many people remember this

    • profile image

      Fima Estrin 

      6 years ago

      Here is case of school teacher Julie Amero

      http://en.wikipedia.org/wiki/State_of_Connecticut_...

    • Dumbledore profile imageAUTHOR

      This Old Guy 

      6 years ago from Somewhere in Ohio

      Fima,

      I am very pleased to correspond with you through hub pages. I came across the article while doing research on the topic of botnets and decided that the example demonstrated the extreme consequences of someone else taking over a computer.

      I use this example in a class I teach on network security because this example seems to make many of my students wake up to the possible dangers of surfing the web.

      I am very sorry for the way the legal system treated your case. I feel the sentence was extreme, since you really did not know what your computer was doing.

      I would welcome your comments on any other hubs I write -- please stay in touch; I would like to know how things work out for you.

    • profile image

      FIma 

      6 years ago

      I sent an answer but it got deleted

      I am jack from this article

    • profile image

      Fima Estrin 

      6 years ago

      Yes. I was on probation and did not want my real name to be published. reporter Dellio sent me list of question.

      She named me Jack

      Also she interviewed Brian Rothery, Irish writer who wrote my story. There were many more articles, and security professional were interested. One company offered to defend me free, but it was too late. prosecutors promised me many years in prison if I am not plead guilty.

    • Dumbledore profile imageAUTHOR

      This Old Guy 

      6 years ago from Somewhere in Ohio

      Fina,

      Are you "Jack" from the article?

    • profile image

      Fima Estrin 

      6 years ago

      Article Browser Hijacker ruining lives were written after interview with me

      http://estrinyefim.newsvine.com/_news/2010/07/29/4...

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://hubpages.com/privacy-policy#gdpr

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)