Section 6.52 Zombies and Botnets Flashcards
Objective 2.4: Given a scenario, analyse indicators of malicious activity
Botnet
Network of compromised computers or devices controlled remotely by malicious actors who can control your processing, memory, storage and networking.
Zombie
The name of a compromised computer or device that is part of a botnet.
Used to perform tasks using remote commands from the attacker without the user’s knowledge.
Your workstation will be considered a zombie if infected and added to a larger network. The system will be controlled by a C2 node.
Botnets are made up of compromised systems known as zombies
Command and Control Node
Computer responsible for managing and coordinating the activities of other nodes or devices within a network
4 examples of what Botnets are used for
Common Botnet uses
Pivot Points
Disguise the real attacker
To host illegal activities
To spam others by sending out phishing campaigns and other malware
Most Common Botnet uses
DDoS attack - Occurs when many machines target a single victim and attack them at the exact same time
Botnets are used by attackers to combine processing power to break through different types of encryption schemes
Attackers usually only use about 20-25% of any zombie’s power to avoid detection