Botting bots have been making headlines lately, as evidenced by a recent story about an automated botnet that was using a DNS spoofing bot to steal a user’s credit card information.
Some experts believe that botnets like these could be used by a nation state to steal valuable information about individuals or companies.
As botnet operators increasingly use sophisticated malware to target targeted individuals, they may also be targeting the vulnerable computer networks that connect individuals to services.
The threat is real, but the problem is the lack of effective countermeasures, according to Michael Schreiber, CEO of the cyber security company FireEye.
In fact, he believes that most botnets are not actually malicious and simply attempt to steal credit card numbers.
“They are simply trying to generate revenue through fraud,” Schreib told CoinDesk.
“That’s what the botnets were doing before they got sophisticated, but now they have sophisticated algorithms to figure out how to steal information about users.
They’re just using a tool to figure that out.”
Schreibus comments come after researchers found a malicious botnet known as the Cryptonote botnet.
The botnet, which was first discovered on October 30, 2018, is believed to be one of the largest botnets in history.
“It was actually quite sophisticated and the way they were doing it was quite sophisticated,” Schremib said.
“And so I don’t think the botnet is going to be able to take down the entire network, but it’s going to take a significant amount of resources.”
Schremi said that botnet traffic can be difficult to detect and trace, especially if the bot operator is in a foreign country.
“You just can’t really get that information out there,” he said.
Some analysts are concerned that these types of botnets may be able access sensitive personal information such as credit card data and other financial information.
However, Schreibe said that most organizations that rely on credit card companies to make payments would not be impacted.
“There are a few cases where you could get targeted and the credit card provider might be affected,” Schreyib said, but for the vast majority of people, the bot would be unable to steal personal information.
“Even the most sophisticated botnet can’t take over the entire system,” he explained.
“The only thing it can do is take a lot of time and money and people are probably not going to feel it.”
Some experts are also concerned that botting may be more prevalent than previously thought.
“I’m not really convinced of that, but there is some evidence to suggest that it’s happening,” said Ben White, CEO and cofounder of Security Response Team, a cyber security consulting firm.
“Some people have been trying to link it to China and other countries and there’s some evidence that the bot traffic from the bot network has come from that.”
White said that if a botnet operator is able to compromise a system with enough resources and the right tools, the information can be obtained.
“In order to actually get data out of the system you need a lot more resources,” White explained.
In addition, he added that the increased sophistication of the bot networks means that they can also take advantage of the vulnerability of a network to send a malicious message to the victim.
White said he believes the risk of botting is “significant” and noted that there is evidence that some bots are being created with the intention of targeting a specific country.
It is important to note that bot networks may also target other systems.
“Once they’ve compromised a system, they have a lot less incentive to shut it down and then go into a different network to get information,” White said.
SchreIB and Schreese also warned that if the threat to individuals becomes widespread, companies and businesses should prepare for the potential consequences.
“If you have a large group of people who have been using your systems, it’s very easy to get hacked and that’s not good for your reputation,” Schrekiber said.
There is also the issue of how to detect a bot and what measures to take.
Schremis said that while it is important for individuals to be aware of the risks of botnet activity, companies should also take measures to prevent the spread of bot-generated traffic.
“As companies become more sophisticated, they will be able more effectively combat botting,” Schreais said.
While Schreis said it is “important to be on the lookout for these kinds of threats” and that companies should prepare their systems to stop a bot from creating traffic, he did not provide any specific guidelines.
He said that he believed that companies would have to be more proactive and employ better cybersecurity measures to mitigate the botting threat.
“This is something we are all learning to deal with, it is part of our everyday life,” Schrewiber said, adding that he hopes that companies will work with each other and share information on what measures they take to detect botnet attacks.