What is a botnet?

We’re answering your security question, “What is a botnet?”

A botnet is a network of bots, in some cases, millions of bots.

The bots are devices, like your home router and security cameras, under someone’s command.

Attackers can use this bot army to take down websites, big and small, and steal data and money.

Even worse, you could be part of a botnet and not even know it.

Watch here:

Bots in Your House

Think of the smart devices in your home.

Computer, phone, router.

You may also have a connected thermostat, television, voice assistant, printer, even a smart washer and dryer.

Secretly, your devices could be marching in an attacker’s massive bot brigade, knocking down websites, holding them hostage, shaking them down for money.

How do They Do It?

Cyber criminals hack into your devices and quietly turn them into bots, or zombie devices, that they control.

They send out phishing emails and convince you to click on links.

They scan the Internet for weak or default passwords on routers and many other devices.

They look for devices that are not updated to the latest version of software, because those devices often have security gaps.

They convince you to download malicious apps on your phone, along with other tricks.

Then, they install malware so they can take over your device and add it to the botnet.


A malicious email message from a botnet campaign. Image: Proofpoint

What Do They Do with It?

Attackers use the bots to send Internet traffic to a website — so much traffic from so many devices that the site can’t function.

It’s called a distributed denial of service attack, or a DDoS.

Crooks attacked a state voter registration site in February, though the FBI is not saying which state.

They pounded the U.S. Department of Health and Human Services website in March, when people were trying to get info on the pandemic.

The same month, they targeted a group of hospitals in Francegovernment websites in the Netherlands that help people find coronavirus info, and a large food delivery service in Germany — just when people were relying on it during isolation.

The numbers show, criminals are using their botnets to attack more and more during the pandemic.

Secret Weapon

Sometimes crooks hold a site hostage, demanding money to stop the attack.

They also use the cover of the high-traffic bombardment to do other cyber crimes like steal or destroy data.

Some offer up their services to other criminals as well, like a botnet-for-hire.

Shady gamers often use botnet services to take down other gamers or gaming sites they don’t like.

In other schemes, criminals may use their botnets to send out spam email to millions of people.

Or your device may be party of an army clicking on ads on websites to collect the ad money illegally.


Ad for botnet attacks. Image: Bitdefender

What Can You Do?

Attackers not only use your devices to attack others, they may also steal from you, now that they’re in your house.

You can help keep botnet commanders out of your home with these steps:

—Put long, unique passwords on all of your connected devices

—Keep the passwords in a password manager

—Update your devices to the latest software version

—Be wary of links, not just in emails, but anywhere

It’s better to go to the site directly on your own than click on a poisoned link.

Here are tips to help you keep your home router more secure.


For your phone, try this advice for keeping malware off your phone from Wandera:

—Don’t download apps from third-party app stores

—Read the reviews before downloading apps

—Uncheck the “Install from Unknown Sources” option on Android

—Install OS updates as soon as they are available to ensure important security patches are in place

—Check app permissions before installing an app in case it is asking to access something it doesn’t need to, like camera access for a calendar app


A botnet called Black Rose Lucy uses this message to trick people into changing phone settings, which allows the botnet to control the device. Image: Checkpoint

Can You Tell if You’re in a Botnet?

It’s not easy to tell if your devices are part of a botnet army.

Some of the signs of botnet infection are similar to signs of other issues.

Your computer or laptop may seem slow or have pop-up ads.

If so, you can run a scan with your anti-malware or antivirus program to see if it detects malware.


Your router may continually reboot. Your connected devices may seem “flaky” or slow, often stalling or turning on and off.

To solve the problem, you can do a factory reset and make sure your firmware is up-to-date. Check with your device maker for instructions on how to do that.

Phone Help

Possible signs that your phone is infected with malware, according to Bullguard:

—Your phone battery suddenly runs low

—Sudden disconnections from networks or services 

—Unusual phone calls or messages you did not send

And according to Wandera:

—Pop up ads

—Unexplained apps

—A surge in data consumption

—Unexplained charges

—Reduced performance

You can reset or restore your phone to try to eliminate the malware. Follow the instructions for your version of phone.


See also:

What is encryption?

What is Mimikatz?

What is ATO?

What is RDP?

What is SIS?

What is an air gap?

What is a PLC?


Main image: Skeleton horde. Image: Grande Duc/iStock

Leave a Reply