Sabrina Lupșan is a writer at CoolTechZone, a cybersecurity enthusiast, and a future penetration tester. She holds a Bachelor’s degree in Computer Science and Economics.
An analysis of botnets and how your computer can become a part of them without you knowing it.
Image source – pixabay.com
As of 2020, there are 7.7 million IoT devices on the Internet. Most of these devices are not protected by antivirus or some security engine, and some of them fall under the trap of botnets – huge groups of computers controlled by hackers to do whatever they want.
If you ever used a Torrent, your computer might be a part of these huge organizations. In this article, you will find out what botnets are, what they do, and how to prevent turning your machine into a bot controlled by others.
Table of Contents
Disclaimer: You should not download copyrighted material from the Internet using Torrents, as this is illegal and may be punishable by law in your country.
A botnet is a cluster of computers called “bots” connected over the Internet, controlled by one entity, and formed to perform a large-scale attack or series of attacks.
The possessors of the hacked devices are unaware that their computer is a bot, or a “zombie”, as such machines are called, and attacks can even be performed without owners realizing. However, being a part of a botnet, your computer may slow down and perform usual tasks slower.
Some currently known botnets are Kraken, Necurs, Emotet, Mirai, GotBotKR. Below you can see in what year they were discovered and what they are known for.
Botnet
Year
Purpose
Estimated number of bots
Kraken
2008
It infected 10% of the Fortune 500 companies and was sending 9 billion spam messages a day at some point.
495,000
Necurs
2012
It corrupted over 6 million computers by 2016 and is commonly known to deliver other malware.
>6,000,000
Emotet
2014
It is considered the most dangerous botnet today, and it was initially used to steal sensitive banking information.
-
Mirai
2016
Originally created to hack Minecraft, it now exploits IoT devices using DDoS attacks.
380,000
GoBotKR
2018
It is still being built in order to perform DDoS attacks.
-
While botnets are usually used for DDoS attacks, you can see from the example above that bots can also send spam emails, steal sensitive information, recruit other “zombie” machines, do crypto-mining, etc.
To understand this type of attack, we firstly must discuss what a DoS (Denial of Service) attack is.
A DoS attack is used to take down a service, an application, or a website by making huge amounts of requests to the software in a short amount of time. This is done to overwhelm the system and temporarily make it unavailable to its normal users.
A DDoS (Distributed Denial of Service) attack is enhanced by using a botnet. Instead of just one machine performing the requests, a botnet is directed towards the target.
This does two things:
Torrent is a method to download files and folders from the Internet.
If you’re going to use Torrents to download something over the Internet, you will need two things – the torrent file and the torrent client.
The torrent file is a file that contains metadata about what is to be distributed, participants in the downloading process, and others.
A torrent client is a software that manages those special torrent files and connects the recipient of the to-be downloaded material to the senders. Some examples are BitTorrent, uTorrent, and The Pirate Bay.
Torrent works in a peer-to-peer fashion. That is, the distributed files and folders are not stored in one centralized place but rather on many computers that then connect to others using the torrent client in order to exchange data.
The recipient, called a leecher, receives the data from seeders – users that already own those files.
Firstly, it all depends if what you're downloading is copyrighted or not. It is illegal to download something copyrighted using a Torrent, and it may be punishable by law in your country.
Torrents can be used to download legitimate files, but it is very common to also use them illegally. Considering this aspect, copyrighted material may come with malware such as viruses, Trojan horses, spyware, ransomware, and others.
Besides these risks, you must be aware that by using a torrent illegally, your computer may be trapped inside a botnet without you being aware of this. In this situation, your computer actually starts doing illegal things over the Internet, which might get you even more in trouble.
The botnet GoBotKR has been gathering South Korean victims based on downloads of South Korean movies, games, and TV shows, according to a trusted source. The botnet uses torrents to multiply all across South Korea, China, and Taiwan with the purpose of building up one or more DDoS attacks.
GoBotKR not only uses South Korean and Chinese torrents but also uses BitTorrent and uTorrent clients, which are popular all over the world. The botnet is currently designed to only affect South Korean and Chinese machines, but this could change and spread worldwide.
Besides this, there could be other dormant botnets currently being created, and for sure, torrents are a great way for them to spread. This is why torrents are very dangerous and should only be used properly.
Here are the signs that may help you find out if your computer is a bot:
Your CPU should be at about 2-4% when not using any program, up to 30% when using an Internet Browser. It also depends on what else you're running. For example, if you're playing demanding games or using complex applications, your usage can spike quite a lot. However, if you’re not really using anything too demanding and your CPU usage is abnormally high, it could mean you have a problem.
Of course, slow Internet can mean other things too, but if it's not related to your Internet provider, you might want to check it out.
Scroll down to find the processes. Look at them. Do you see any weird process that you haven't heard of that maybe is using a lot of your resources?
If you find yourself in any under the above categories, you may want to look further into this. It is important to take action if you think you are trapped in a botnet.
I suggest you use an antivirus that will locate and remove the botnet for you, if possible, or contact your local CSIRT (Computer Security Incident Response Team) for further assistance.
I created the following infographic to show what torrents and botnets are, how your computer can become a victim of famous bots, and how you should protect yourself on the Internet.
You should only download files that you know are coming from safe sources because many targets become victims of botnets, with some hackers gathering even 12 million bots under their command.
Feel free to share the code of infographics
Using torrents to download something illegally from the Internet comes with huge risks for you. I recommend you make sure you only download legitimate files which are not copyrighted and take all of the precautions when using torrent clients.
Being a part of a botnet is no joke, as your machine may become a weapon against others. Botnets are very dangerous entities that have caused huge financial losses over the years.
If you have any other safety recommendations, please share them in a comment below!
Leave a comment
