What Is a Botnet?

At the end of the night, you close the lid of your laptop and forget about it until the morning. But while you’re fast asleep, your computer is busy harassing businesses, sending out spam, and making money for someone else. These are just a few things infected devices do for the botnet master. Learn what botnets are and how you can protect your devices from becoming part of them.

A botnet is a network of infected devices that cybercriminals use to carry out their attacks. These robot devices belong to unsuspecting victims, who have no idea that someone else is controlling their computer, phone, or other smart device.

Cybercriminals use botnets to carry out massive spam campaigns, perform Distributed Denial of Service attacks, mine cryptocurrencies, rent them out to make money, etc. However, botnets are not necessarily evil – essentially, they are a cluster of interconnected computers used to perform a task that requires a lot of computing power. What makes them malicious and illegal is the way they are created (by secretly infecting people’s devices) and used.

How botnets work

Cybercriminals control their zombie devices through malware. It installs itself together with other software, or when users click on malicious links and download infected files. Phishing scams are a popular way to create botnets. You receive a legitimate-looking email, download the attachment, try to open it, and nothing happens. Most people delete it and forget about it, not realizing that they’ve installed botnet malware on their device.

Sometimes cybercriminals will try to use your device without you ever noticing it. In an ad fraud, the person controlling the botnet will use only a small amount of your browser’s resources to send traffic to the targeted ads and make money off them. They will create an extensive network with hundreds of thousands of bots so that the infected users never suspect a thing.

But when cybercriminals use their botnets for crypto mining, infected users are likely to notice it sooner than later. Mining for cryptocurrency requires a lot of processing power, which significantly slows down other processes on the device.

Signs that your device is part of a botnet

High internet bills. If your monthly internet plan is based on how much data you use up, you’ll surely see a spike. Tough as it might be financially, it’s also one of the fastest ways to find out your device is part of a botnet.

Slow internet. This is a less obvious sign of malware, which you may not notice for longer. If your device is only used at night, it might take you some time to suspect that something is wrong. Some internet service providers will set bandwidth caps after they notice you suddenly started using a lot of data. If your home Wi-Fi is fast at the beginning of the month and barely crawling at the end of it, botnet malware might be the answer.

Slow device. When cybercriminals use their botnets for something that requires a lot of computing power, it takes its toll on the infected devices. For example, crypto mining might rapidly wear out your computer even if it’s brand new. If it becomes slow and unresponsive, it’s a sign that someone else might be using it remotely.

Legal troubles. Hackers might use botnets to DDoS a server or an online platform as part of a larger cyberattack. When your device is detected to be part of something like this, you might have to explain yourself to the authorities. While you would be able to prove you didn’t knowingly participate in any attack, you’re still likely to waste some time and money doing so.

How to protect your devices

  • Check apps and software before installing them on your device. Malware often ends up on people’s computers together with other, legitimate software. Always pay attention to the apps you download to your mobile devices too, especially if it’s a popular paid game you found for free on some shady third-party app store. These types of scams are guaranteed to cause harm to your device in one way or another.

  • Keep your eyes peeled for potential phishing attempts. This goes for all your work and personal online accounts — not just emails. Phishing comes in many different shapes and sizes, and you should know how to recognize all of them. Be especially careful if the message contains any links or attachments – always triple check before clicking on anything.

  • Keep your cool online. A flashy banner with a deal that’s out of this world might lead some people to click without thinking. Don’t be that person – if you’re visiting a site with questionable content, their ads might take you to downright malicious web pages ridden with malware.

  • Use security software. A reliable anti-malware will give you a peace of mind to some extent, but it won’t be able to catch all malicious software. You can add an extra layer of protection with NordVPN. Its CyberSec feature will protect you from accessing known malicious sites, so malware will never reach your device.

  • Keep your devices updated. Don’t let cybercriminals exploit known security loopholes. Developers regularly release security patches — all you have to do is install them.

  • Change the default credentials. Cybercriminals often target IoT devices, since they are easy to break into. IoT security is often overlooked by its users, but you can step up your game by changing the administrator’s username and password and setting up a secure home network. Make sure to choose hard-to-guess passwords and use a reliable password manager like NordPass to store them.

Chad Hammond
Verified author
Chad loves traveling and technology. His global view and open-mindedness add interesting angles to various security topics. He has already traveled to over 80 countries and is not planning to stop any time soon.
Subscribe to NordPass news