What Are Botnets and How Are They Used in DDoS Attacks? 

In February 2024, a news story about a major DDoS attack involving 3 million smart toothbrushes surfaced online. Later, it turned out the incident never actually occurred. Nevertheless, this fake story sparked public concern, driving discussions about botnets and associated threats.

What do modern botnets look like? Why are they used, and what types exist? Learn more in our article.

The Concept of Botnet

A botnet is a network of devices infected with malware, allowing attackers to control them remotely. These devices—ranging from personal computers to IoT gadgets like smart cameras or vacuum cleaners—can be used for a variety of malicious purposes, from sending spam to launching cyberattacks.

The term “botnet” comes from the words “robot” and “network.” For a device to be part of a botnet, it needs a basic operating system and internet connectivity. Once compromised, the device becomes a “bot” or “zombie,” controlled by an attacker (known as a “botmaster”). Control is usually centralized via a server or decentralized through a peer-to-peer (P2P) system, which makes detection more difficult.

The Evolution of Botnets

Early botnets from the 2000s were simple, but over time, they have become more sophisticated and powerful. The growth of smart homes and IoT (Internet of Things) devices has dramatically increased the scale of these networks.

For example, in Q3 2023, the average botnet had around 6,000 infected devices. Just a year later, that number grew to 30,000. As technology advances, botnets continue to expand in size and capability.

Types and Uses of Botnets

Botnets can serve many purposes depending on the attacker’s goals. Here are the four main types:

1. Mining Botnets
Cybercriminals use infected devices to secretly mine cryptocurrency. This kind of botnet exploits the processing power of unsuspecting victims’ computers, often leading to increased strain on their GPUs and CPUs. If your device suddenly slows down for no reason, it might be part of a mining botnet.

2. Data-Theft Botnets
Botnets can steal sensitive information like banking credentials or account passwords. For instance, the notorious ZeuS botnet stole banking data worldwide in the late 2000s, causing an estimated $70 million in damages.

Stolen credentials can be sold, used for fraud, or even exploited by competitors. For example, in e-commerce, botnets can scrape and manipulate inventory data. To mitigate such risks, it is essential to use anti-bot solutions.

3. Spam Botnets
Hackers use botnets to send massive amounts of spam, including phishing emails designed to trick victims into sharing personal information or sending money. By leveraging thousands of infected devices with different IP addresses, these attacks can bypass spam filters and reach inboxes more effectively.

4. DDoS Botnets
When attackers want to crash a website or online service, they use botnets to flood it with traffic in a Distributed Denial-of-Service (DDoS) attack. These attacks are distributed across thousands of devices, making them highly powerful and harder to block.

The process usually looks like this:

  1. Devices are infected with malware, giving the attacker control.
  2. The attacker targets a website or service.
  3. Commands are sent to the infected devices.
  4. The devices overwhelm the target with malicious traffic, causing it to crash.
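
Why distributed traffic is harder to block shows up in request logs. The following Python sketch is an added example, not part of the original article: it buckets request events into time windows and checks whether a per-IP rate limit alone would bring the volume back under capacity. The thresholds, function names and sample traffic are constructed assumptions.

```python
from collections import Counter, defaultdict

def classify_windows(events, window=10, per_ip_limit=20, capacity=100):
    """Classify each time window of (timestamp, source_ip) request events.

    per_ip_limit and capacity are assumed thresholds (requests per window).
    """
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[ts - ts % window][ip] += 1

    report = {}
    for start in sorted(buckets):
        per_ip = buckets[start]
        total = sum(per_ip.values())
        # Requests that would still reach the service behind a per-IP limiter.
        passed = sum(min(n, per_ip_limit) for n in per_ip.values())
        if total <= capacity:
            verdict = "normal"
        elif passed <= capacity:
            verdict = "single-source flood"   # per-IP limiting is enough
        else:
            verdict = "distributed flood"     # needs aggregate/upstream mitigation
        report[start] = {"total": total, "sources": len(per_ip),
                         "passed": passed, "verdict": verdict}
    return report

def sample_events():
    """Constructed traffic: three 10-second windows."""
    users = [f"198.51.100.{i}" for i in range(1, 6)]
    events = []
    for start in (0, 10, 20):                      # 5 regular users, 4 requests each
        events += [(start + r, ip) for ip in users for r in range(4)]
    events += [(10 + r % 10, "203.0.113.7") for r in range(150)]   # one noisy host
    bots = [f"10.0.{i // 256}.{i % 256}" for i in range(300)]      # 300 bots, 2 requests each
    events += [(20 + r, ip) for ip in bots for r in range(2)]
    return events

if __name__ == "__main__":
    for start, row in classify_windows(sample_events()).items():
        print(start, row)
```

In the third window every bot stays far below the per-IP limit, yet the total is more than six times the assumed capacity, so the per-IP limiter passes all of it.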

Famous Botnets

Over the years, several botnets have made headlines:

  • Mirai: Known for infecting IoT devices like smart home gadgets with weak default passwords, Mirai caused over $100 million in damages in the 2000s.
  • Gafgyt: Similar to Mirai, this botnet also targeted IoT devices and was widely used for DDoS attacks.
  • Mantis: Named one of the most powerful DDoS botnets by Cloudflare in 2022, it could generate over 25 million requests per second. Unlike Mirai and Gafgyt, Mantis relied more on servers and virtual machines than IoT devices.
  • Mēris: In 2021, this botnet executed a record-breaking DDoS attack on Yandex, generating nearly 22 million requests per second.

The Growing Threat

Botnet attacks can inflict millions in losses and severely damage reputations. While some businesses recover, many face long-term devastation.

Don’t wait until it’s too late—secure your company now. StormWall provides cutting-edge cybersecurity solutions to protect against these growing threats.
