How a botnet works: 1. A botnet operator sends out viruses or worms, infecting ordinary users’ computers, whose payload is a malicious application — the bot. 2. The bot on the infected PC logs into a particular command and control (C&C) server (often an IRC server, but, in some cases a web server). 3. A spammer purchases access to the botnet from the operator. 4. The spammer sends instructions via the IRC server to the infected PCs, causing them to send out spam messages to mail servers. (Photo credit: Wikipedia)
Want to create a huge botnet to distribute malware, pump out spam, crack passwords or knock your enemy’s website offline?
Don’t bother with designing malware to break into strangers’ computers. Instead, say two researchers, all you need to do is spend a few bucks buying online ads, which can hijack tens of thousands of Web browsers across the world — no hacking required.
Last month at the Black Hat security conference in Las Vegas, Jeremiah Grossman and Matt Johansen, the founder/chief technology officer and threat-research manager of White Hat Security in Santa Clara, Calif., showed how an online ad network could be used to create what they called a “million browser botnet.”
“There’s no malware to detect, no exploits,” Grossman said. “We’re not really hacking stuff. We are using the Web the way it was meant to be used.”
The World Wide Web is a fundamentally insecure system, Grossman and Hansen explained. Browsers are designed to serve you as much data as possible without authentication, and nowhere is that more true than with online ads.
“When you visit a Web page,” Grossman said, “by nature of the way the Web works, it has near-complete control of your browser for as long as you are at that Web page … The JavaScript or Flash on that page can force your browser to do basically whatever it wants.”
Grossman and Johansen showed how HTML and JavaScript, the programming languages underlying most Web pages, could be used to probe Web browsers for user settings and login information, force browsers to attack websites in several different ways, break into corporate networks or spread malware.
The problem with these attacks, however, is that they are limited in scope. Whether you’re distributing the evil code through a highly trafficked site, search-engine poisoning or third-party widgets such as weather trackers, you’re not going to attain the critical mass for a truly efficient browser-based botnet.
“We need to think bigger,” the researchers said, then quoted JavaScript pioneer Douglas Crockford: “The most reliable, cost-effective method to inject evil code is to buy an ad.”
Ads: the perfect malware distribution system
There are nearly two dozen major ad networks, Grossman and Johansen said, but most of them won’t let ad suppliers include code with their ads. However, there are hundreds of smaller ones that don’t ask as many questions.
The Latest Bing News on:
Browser Botnet
- Botnet Genius Stole $500 Million|in Global Scam, Microsoft Sayson January 11, 2022 at 4:00 pm
Botnets provide a very efficient general means of controlling ... When the Citadel bot detects an attempt to connect to an antivirus website, it will hijack and redirect the user's browser. This keeps ...
- Bot Hacks: The Next Frontieron January 10, 2022 at 12:17 pm
With the term bot closely linked to the term botnet, many may wonder what is a botnet cyberattack, and how it relates to new potential robot-related cyber security threats. Many if not all of the ...
- CISA sees low levels of Log4j exploitation against agencies and critical infrastructureon January 10, 2022 at 5:20 am
Last week, two members of the cybersecurity community created a browser search tool to help defenders better manage the increasingly cumbersome master list, which is now approaching nearly 3,000 ...
- New York Computer Help Saves More Lives With Their Cyber Computer Protection Planon January 7, 2022 at 3:05 pm
A recent report revealed that 64% of companies have experienced web-based attacks, with 62% experiencing phishing and social engineering attacks and 59% dealing with malicious code and botnets ... pop ...
- Visa to fight botnets with new ruleson December 20, 2021 at 2:16 am
A rising use of botnets – networks of hijacked computer devices – are being used to carry out and scale these attacks. As part of a new Australian Security Roadmap, Visa is introducing a ...
- This Week In Security: 0-Days, Pwn2Own, IOS And Teslaon December 13, 2021 at 3:59 pm
LILIN DVRs and cameras are being actively exploited by a surprisingly sophisticated botnet campaign ... locks and eventually crashes the browser. In the Tesla, however, the crashing browser ...
- Google disrupts botnet infecting one million Windows deviceson December 10, 2021 at 2:47 am
Google has disrupted “key command and control infrastructure” of Glupteba, a botnet that compromised about one million Windows devices globally, and filed a lawsuit against its operators ...
- Two Russians prosecuted for cryptocurrency mining via infected computerson December 16, 2019 at 6:41 am
One of them [detained citizens - TASS] is a resident of Kurgan, who used almost a whole botnet in various regions ... moment the pages are viewed in the browser. He noted that the cost of most ...
The Latest Google Headlines on:
Browser Botnet
The Latest Bing News on:
Browser-based botnet
- SHAttered — SHA-1 Is Broken Inon January 12, 2022 at 4:00 pm
Or if you control a large enough botnet. Or if you are just able to spend ... In 2008, a team of researchers demonstrated how to break SSL based on MD5, using 200 Playstations 3.
- Botnet Genius Stole $500 Million|in Global Scam, Microsoft Sayson January 11, 2022 at 4:00 pm
(CN) - A computer mastermind and 81 henchmen control "Citadel Botnets" that have infected computers worldwide ... but most of the thefts are aimed at U.S.-based banks. Microsoft claims that ...
- What does Windows Security do?on January 11, 2022 at 1:31 am
For example, if the app and browser control section has a yellow symbol with an exclamation mark, click on it to find out why. You might discover reputation-based protection is ... crypto mining or ...
- New York Computer Help Saves More Lives With Their Cyber Computer Protection Planon January 7, 2022 at 3:14 pm
A recent report revealed that 64% of companies have experienced web-based attacks, with 62% experiencing phishing and social engineering attacks and 59% dealing with malicious code and botnets.
- New York Computer Help Saves More Lives With Their Cyber Computer Protection Planon January 7, 2022 at 1:50 pm
Leading provider of IT solutions, New York Computer Help, launches their Cyber Computer Security Protection Plan to offer clients protection from cyber threats The team at ...
- Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022on January 5, 2022 at 1:12 pm
Using non-secure websites HTTPS sites use encryption to protect the traffic going from your web browser to the site ... the phone Just as email and SMS-based phishing uses social engineering ...
- ESET Antivirus solutionson January 4, 2022 at 9:23 pm
Bratislava-based ESET was founded by a group of friends ... ESET Internet Security adds a spam filter, parental controls, and a secure browser to protect online banking transactions.
- The Log4Shell 0-day, four days on: What is it, and how bad is it really?on December 13, 2021 at 1:17 am
Log4J is an open source Java-based logging tool available from Apache ... syntax, allowing them to be included in browser user agents or other commonly logged attributes. Here’s what exploits ...
- Google disrupts botnet infecting one million Windows deviceson December 10, 2021 at 2:47 am
Google has disrupted “key command and control infrastructure” of Glupteba, a botnet that compromised about one million Windows devices globally, and filed a lawsuit against its operators ...
