ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Botnets: Uses and Consequences

Updated on April 7, 2015

Published: November 5, 2011

Why should users be concerned if their computers are infected by rootkits and joined to botnets? The answer is the damage that their infected systems can do. There are myriads of harmful uses for botnets and bot-herders are not limited to a single type. The following list defines some of those uses:

  • Distributed Denial-of-Service Attacks
  • Spamming
  • Sniffing Traffic
  • Key logging
  • Spreading new malware
  • Installing Advertisement Add-on's and Browser Helper Objects (BHOs)
  • Google AdSense abuse
  • Attacking IRC Chat Networks
  • Manipulating online polls/games
  • Mass identity theft

Botnets are not limited to any one type of activity and participating bots may contain add-on Trojans as payloads, in fact; controlling botnets has grown into big-business.

The Business of Bots

Viruses evolved into worms or nefarious code that retain the ability to infect new hosts without the aid of users. The ability of these worms to seek out new hosts led to the inclusion of rootkits and botnet development. Schiller (2007) proposed some alarming questions that describe the current nature of botnets. These questions are as follow:

  • What if each PC infected by a worm remained under the control of the worm's author?
  • What if notoriety was no longer the driving force among hackers?
  • What if the purpose for writing worms drifted to making money?

The what if component in the above questions is no longer hypothetical; those states currently exist.

Botnet Underground

There are underground opportunities for bot-herders to accumulate large sums of money by performing the attacks listed in the previous section for hire. Some bot-herders create web sites dedicated to offering their services. Berinato (2007) reported that security researchers discovered a very large Eastern European e-Business website that charges clients to infect host computers and join those computers to a botnet.

This particular site, called loads.cc, is not alone; there are others. Many of these sites are located in countries with lax security control of their top level domains. The ccdomain is assigned to a territory of Australia but the loads.cc website is believed to originate out of Russia. A business model open to anyone that only charges 20 cents to infect a host, the business model of loads.cc, presents a number of security concerns: unsuspecting victims may own infected machines hosting dozens of bots, each connecting the host to a botnet.

Using the collections of infected computers, cybercriminals have gleaned enough personal data to continue identity-theft operations for many years. The economic impact of spamming operations is just as alarming. As stated by Spammer-X, (2004), spammers can easily send thousands of e-mails from different machines and the risk of these spammers being caught is very low when using botnets.

The interest from spammers became so great that hackers began to sell Botnets, and dealing in compromised machines became part of a secret underground virtual economy. …In the beginning the cost was high. For a 200 zombie botnet, a spammer or hacker could expect to pay up to $1,000.00, but as more worms propagated, the price dropped. Soon, exclusive control over 1000 hosts could be bought for as little as $500.00. Now, exclusive control over a single zombie can sell for as little as 10 cents! (Spammer-X, 2004).

That the business of botnets is exploding is a conclusion that cannot be denied. The number of intercepted botnet communications has grown from a daily figure of 333,023 in June of 2006 to a daily figure of 7,303,148 by January of 2008.

Consequences of Infection

Individuals and organizations are responsible for the activities originating from their computers. Although civil liability or criminal prosecution may be avoided if the activity can be linked to a system compromise, these consequences should be a concern to all computer users. According to Delio (2004), dozens of respondents to a news story claimed to have lost jobs or their good reputations when traces of pornography were found on their computers after being placed their, by a browser hijacker. The case of “Jack” provides a more detailed example:

A victim named Jack by Delio (2004) experienced uncontrollable browser hijacking as the result of a botnet infection. The re-directs often led Jack's browser to illegal porn sites. These sites appeared as pop-ups and closing one site resulted in opening up others. Jack's start page was changed and his favorites were changed to point to illegal porn sites. The only way to stop the activity was to turn off the computer. When Jack later tried to connect to the web, he was once again directed to illegal porn sites and pictures of child porn would display in pop-ups. The police finally raided Jack's house and confiscated his computer, which resulted in Jack spending 180 days in a correction's institution.

Jack’s case, although extreme, demonstrates the possible consequences to unsuspecting victims of Trojans and botnets but all users should remember that they are responsible for the traffic that flows across their Internet connections. Another overlooked consequence to the user is the unnecessary replacement of infected computers. "Newer machines feel old, so people end up buying new machines more often than they have to" (Acohido and Swartz, 2008).

Perhaps the greatest consequence of botnet infection is the effect on the communications infrastructure. “Says Adam O'Donnell, Cloudmark's director of emerging technology; Telecoms and Internet service providers must absorb the cost of carrying botnet traffic; they can be expected to pass that expense onto companies and consumers, he says” (Acohido and Swartz, 2008).

What are your thoughts?

As always, the author appreciates all comments.

Comments

    0 of 8192 characters used
    Post Comment

    • profile image

      fima 5 years ago

      There were 2 very serious articles, one from

      Homeland wire web site and another from Fox news web site.

      Both articles wrote about my criminal case of porn possession from

      2002 - 2004. They have links to article in Wired News 'Browser

      Hijackers Ruining lives' written after interview with me in 2004

      http://www.wired.com/techbiz/it/news/2004/05/63391

      You can read in article "Digital DNA the new DNA' in Homeland Security wire:

      http://www.homelandsecuritynewswire.com/dr20111129...

      ‘With the increasing ubiquity of computers, smart phones, and other

      electronic devices comes a torrent of "digital DNA," which can be used

      to record an individual's every move and even convict them of a crime’

      Also about my case:

      ‘In one case from 2002, an individual was sent to jail after police

      found pornographic images on his computer, but security experts later

      said law enforcement officials had mishandled the digital evidence.’

      I think this is very serious web site, and this is very serious accusations

      The experts explained that a “browser hijacker” could have been used

      to remotely plant the pornographic images on the suspect’s computer

      without their knowledge.

      There was also article in Fox News 'Fighting crime with digital DNA'

      There is also link to Wired article 'Browser Hijackers Ruining lives'

      When I was interviewed for this article in 2004 I provided full

      information about myself

      http://www.foxnews.com/scitech/2011/11/18/fighting...

      Fox news Editor Jeremy Kaplan wrote

      ‘Attorneys are very good at taking digital evidence out of context and then convincing a jury of the guilt of someone based on it

      In 2002, "Jack" was sent to jail after police found pornographic

      images on his home computer. Security experts later told Wired News

      that the digital data had been mishandled: They suggested it could

      have been put on his computer remotely through what's called a

      "browser hijacker" -- a malicious bit of software that changes browser

      settings and can easily be built to store data on a PC'

      You may understand that this is all very serious. Hennepin county law

      enforcements mishandled digital evidence in 2002-2004. And you may

      remember who was District Attorney in this county in 2002-2004: Amy

      Klobuchar, now US Senator.

      I do not understand why they published this 10 years later. I may tell

      you that I am still surprised at what degree law enforcements did not

      care about any evidence in 2002-2004. They just wanted to convict me.

      I just think if Fox News and Homeland Security Wire web sites wrote

      about this 10 years later, many others may be interested.

      In 2004 article 'Browser Hijackers ruining lives' was read by many

      millions of people in different countries. This is classical example

      of different kinds of misbehavior. Too many people remember this

    • profile image

      Fima Estrin 5 years ago

      Here is case of school teacher Julie Amero

      http://en.wikipedia.org/wiki/State_of_Connecticut_...

    • Dumbledore profile image
      Author

      Dumbledore 5 years ago from Somewhere in Ohio

      Fima,

      I am very pleased to correspond with you through hub pages. I came across the article while doing research on the topic of botnets and decided that the example demonstrated the extreme consequences of someone else taking over a computer.

      I use this example in a class I teach on network security because this example seems to make many of my students wake up to the possible dangers of surfing the web.

      I am very sorry for the way the legal system treated your case. I feel the sentence was extreme, since you really did not know what your computer was doing.

      I would welcome your comments on any other hubs I write -- please stay in touch; I would like to know how things work out for you.

    • profile image

      FIma 5 years ago

      I sent an answer but it got deleted

      I am jack from this article

    • profile image

      Fima Estrin 5 years ago

      Yes. I was on probation and did not want my real name to be published. reporter Dellio sent me list of question.

      She named me Jack

      Also she interviewed Brian Rothery, Irish writer who wrote my story. There were many more articles, and security professional were interested. One company offered to defend me free, but it was too late. prosecutors promised me many years in prison if I am not plead guilty.

    • Dumbledore profile image
      Author

      Dumbledore 5 years ago from Somewhere in Ohio

      Fina,

      Are you "Jack" from the article?

    • profile image

      Fima Estrin 5 years ago

      Article Browser Hijacker ruining lives were written after interview with me

      http://estrinyefim.newsvine.com/_news/2010/07/29/4...

    Click to Rate This Article