A network of compromised computers and devices ("bots" or "zombies") secretly controlled by an attacker, used collectively to perform malicious activities like DDoS attacks, spam campaigns, credential stuffing, and cryptocurrency mining.
A network of compromised computers and devices ("bots" or "zombies") secretly controlled by an attacker, used collectively to perform malicious activities like DDoS attacks, spam campaigns, credential stuffing, and cryptocurrency mining.
Think you've been targeted?
Paste the suspicious content here for an instant analysis.
No signup · 6 detection layers · Results in seconds · Cmd+Enter
A botnet is essentially a cyber army — potentially millions of compromised devices operating under the control of a single attacker or group (the "bot herder"). Each infected device doesn't know it's part of a botnet, and its owner may never notice any signs of compromise.
Botnets are the infrastructure behind many forms of cybercrime. They send the majority of the world's spam email, launch massive DDoS attacks, perform credential stuffing at scale, mine cryptocurrency, and distribute malware. The distributed nature makes them extremely hard to shut down.
The Internet of Things has dramatically expanded the botnet landscape. Smart cameras, routers, DVRs, and other connected devices often have weak default passwords and rarely receive security updates, making them ideal botnet recruits.
The Mirai botnet in 2016 recruited over 600,000 IoT devices (mainly cameras and routers with default passwords) and launched a DDoS attack against DNS provider Dyn that took down Twitter, Netflix, Reddit, CNN, and many other major websites for hours.