• 3000005: On the subject of Botnets

    Home » Forums » Knowledge Base » 3000005: On the subject of Botnets


    AKB3000005: On the subject of Botnets

    by Kirsty

    Published October 19, 2017 | Rev. 1.1

    According to Wikipedia, “A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service
    attack (DDoS attack), steal data, send spam, and allow the attacker access to the device and its connection…a logical collection of internet connected devices such computers, smartphones or IoT devices whose security has been breached and control ceded to a third party.”

    Kaspersky states that networks of zombie machines become tradable, either by sale or lease, between cybercriminals, to perform Ddos, spam attacks and other cyber attacks.

    A DDos is a Distributed Denial of Service attack, which is designed to make unavailable either websites, machines or network-connected computers, by flooding the network with incoming traffic from numerous sources, which may involve genuine or spoofed IP addresses.

    Malicious email attachments and clicking on dodgy internet links are two methods of being infected with botnet malware. There have been several topics on botnets posted on Askwoody in recent months.

    It’s quite possible to be part of a botnet, without being aware of the fact. In order to make money from cybercrime, they are often hidden from sight, gathering your personal data as you use your valuable personal details (like your passwords, credit card details, social security numbers and the like. In fact, you may not even notice your computer is any slower than normal – nothing may appear wrong, yet you may be infected.

    BleepingComputer have reported on an IoT (Internet of Things) botnet which, instead of being designed for DDOS attacks, has “the ability to relay web traffic by installing a proxy server on infected devices” and is behind a wave of adult-themed spam messages..

    Groovypost.com have some suggestions to prevent becoming part of a botnet, such as to use an alternative DNS provide, such as OpenDNS, router security, Windows process oversight and free botnet checks.

    Kaspersky publicised its page to check if your IP address is associated with a botnet about the time Simda was wild. The page is still a useful check to see if you are clear:

    5 users thanked author for this post.
    Viewing 1 reply thread
    • #139218

      Note: new Botnet threat information has been posted in Code Red – security advisories

      1 user thanked author for this post.
    • #2371925

      I check on AKB 3000005 from time to time to check my IP address, as my ISP will change my IP address occassionally. In the last day or 2 I’ve noticed that clicking on the ‘checkip.kaspersky.com link in AKB 3000005 above shows not just my ip address, but another ip address as well. This other IP address commences ’82… which is apparently a Kaspersky IP address. I’ve checked on a couple of other pcs in the local library and the same thing happens; the ‘local’ IP address and a Kaspersky address.
      So, have I inadvertently become part of a botnet, or has the link been compromised.

      Appreciate any advice on this.



      • #2372419

        I think checking your IP is a waste of time as IP addresses change and a suspect IP is not an indication of anything.
        It’s also good advertising for the site…

        cheers, Paul

    Viewing 1 reply thread
    Reply To: 3000005: On the subject of Botnets

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: