Bot herder definition
A bot herder is a person or group of individuals who controls a botnet, a network of compromised computers. Bot herders plan and carry out attacks to grow their army of “zombie” machines, which they control remotely, usually with the aim of carrying out coordinated attacks in the future.
See also: botnet
How does a bot herder infect a computer?
- Malicious attachments. Bot herders send emails containing infected attachments disguised as legitimate files.
- Drive-by downloads. Bot herders exploit vulnerabilities in websites so that malware infects the devices of users who visit them.
- Social engineering. Bot herders may use social engineering techniques such as promotions and fake software updates to trick users into downloading and executing malware that turns their computer into a “zombie.”
- Exploit kits. Exploit kits are malicious toolkits that allow attackers to take advantage of vulnerabilities in software.
- Infected file sharing. File-sharing networks can be used to distribute malware.
How bot herders avoid detection:
- Polymorphic malware. Polymorphic malware dynamically changes its code with each infection, which makes detecting a botnet extremely difficult.
- Fast flux DNS. A technique in which the IP addresses associated with the command and control server constantly change, making it hard to block the botnet’s communication.
- Low-volume activities. By limiting the activity of their bots, for example by executing malicious actions in small bursts, bot herders may avoid raising suspicion.
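From the defender's side, the constantly changing addresses described under fast flux DNS are themselves a signal in resolver logs. The following is an added example, not part of the original entry: it flags names that resolve to many addresses across several networks with short TTLs inside one time window. The log format, sample lines and thresholds are assumptions made for illustration, and legitimate CDNs can match the same pattern, so hits are candidates for review rather than verdicts.

```python
import ipaddress
from collections import defaultdict
from statistics import median

# Constructed resolver log (assumed format): epoch_seconds qname answer_ip ttl_seconds
SAMPLE_LOG = """\
1700000000 www.example.org 192.0.2.10 3600
1700000900 www.example.org 192.0.2.10 3600
1700000000 flux.example.net 198.51.100.7 120
1700000300 flux.example.net 203.0.113.45 120
1700000600 flux.example.net 192.0.2.200 60
1700000900 flux.example.net 198.51.100.99 120
1700001200 flux.example.net 203.0.113.8 60
1700000000 bad.example.net not-an-ip 60
truncated line
1700000000 lb.example.com 192.0.2.20 300
1700000600 lb.example.com 192.0.2.21 300
"""

def parse(log_text):
    """Yield (ts, qname, ip, ttl) for well-formed lines and skip the rest."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield (int(parts[0]), parts[1].lower().rstrip("."),
                   ipaddress.ip_address(parts[2]), int(parts[3]))
        except ValueError:
            continue  # bad timestamp, address or TTL

def fast_flux_candidates(log_text, window=3600, min_ips=4, min_nets=3, max_ttl=300):
    """Return {qname: distinct IP count} for names that look like fast flux."""
    buckets = defaultdict(lambda: {"ips": set(), "nets": set(), "ttls": []})
    for ts, qname, ip, ttl in parse(log_text):
        b = buckets[(qname, ts // window)]       # group per name and time window
        b["ips"].add(ip)
        prefix = 24 if ip.version == 4 else 48   # coarse network grouping (assumed)
        b["nets"].add(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))
        b["ttls"].append(ttl)
    hits = {}
    for (qname, _), b in buckets.items():
        if (len(b["ips"]) >= min_ips and len(b["nets"]) >= min_nets
                and median(b["ttls"]) <= max_ttl):
            hits[qname] = max(hits.get(qname, 0), len(b["ips"]))
    return hits

if __name__ == "__main__":
    print(fast_flux_candidates(SAMPLE_LOG))
```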