Botnet Bitcoin Mining - Just Another Devious Way to use Botnets
Sunday, October 09, 2011 | Author: Deep Flash
A botnet is an army of compromised machines on the internet that a hacker controls through a command-and-control server. Botnets can be put to use in many ways.

Hackers have been using botnets to provide services such as an anonymous proxy service for quite some time. For a reasonable monthly fee, they let you use the botnet to surf the internet anonymously. The end user does not know what exactly the proxy served to them is; it could be a compromised machine on the network that is acting as a proxy.

Recently, the TDSS rootkit has spread to millions of computers and is considered one of the most sophisticated rootkits ever developed. One of the primary reasons for its invincible persistence is the way it installs itself on your machine.

It makes a place for itself in your Master Boot Record. By doing this, it is able to load itself from the first boot sector of your hard drive even before your operating system loads. This is also why the TDL-4 rootkit is known as a bootkit.

Kaspersky Lab has developed a small utility that removes the TDSS rootkit. It's called TDSSKiller. The most recent variant of the TDSS rootkit (TDL v4.2) still remains persistent, though.

Back to the ways hackers have used botnets for commercial purposes: besides providing an anonymous proxy service to naive internet users, botnets are also used to commit click fraud.

Here, the rootkit downloads huge campaign lists to the victim's machine and visits these advertisement sites in the background. This way, the operators can generate a lot of revenue within a short time.

Apart from all the devious ways above in which hackers have used botnets to date, the most recent and innovative one is to use botnets for Bitcoin mining.

Trojans such as Trojan.CoinBitMiner were used to mine for Bitcoins on the victim's machine using its CPU computing power. But since GPUs outperform CPUs at mining by a factor of almost 100, the latest Trojans use the GPU computing power of the victim's machine instead.

Trojan.BadMiner is one of this latest category of Trojans. It detects your hardware and looks for any installed graphics cards. If it finds a GPU on the victim's machine, it downloads an appropriate miner such as Phoenix Miner and sets it up for mining.

If no GPU is found on the machine, an RPC Miner is downloaded instead, which uses the CPU computing power.

By doing so, hackers are now able to use the distributed computing power of botnets to mine Bitcoins at a rate unimaginable for a single machine owner.