Botnets: who's behind them and why?

Botnet
By posing as a rogue programmer, Cisco researchers gained a unique insight into the world of botnets and their owners

Poor education, a criminal record and a dislike of authority can all turn programmers bad. That's the finding of Cisco researchers who posed as botmasters to enter the world of online crime.

"I wanna do what I wanna do, whenever I want," one botmaster told the researchers. By posing online as a rogue programmer, the researchers got him to reveal how he spams thousands of instant messenger users with enticements to install infected utilities.

For every 10,000 messages sent, "at least one per cent" will respond and become part of his botnet. The team, from Cisco's Security Intelligence Operations unit, found that for botmasters, criminality is just a by-product of running a small business.

The botmaster said he sold a 10,000-machine botnet for $800, but also claimed that selling off infected machines is relatively rare. He said that a friend made between $5,000 and $10,000 per week solely through renting out his botnet to phishing gangs.

Dumbing down

Today, those without the necessary computer skills can easily gain access to advanced tools for creating profitable, robust and secure botnets.

Over the course of their online conversations, Cisco's researchers learned of online marketplaces where the budding cybercriminal can buy everything he needs to set up a botnet.

"The bot software is advertised much like any other software," claims Cisco. "Anyone with basic computer experience is able to run one. It's not necessary to understand the code, nor is there a need to understand networking."

Following the money

Alex Constantinides is a director of UK-based online security consultancy MetaSec. "It just goes to show how these things have evolved," he told us. "Originally, simply knocking servers off the net was the thing – for fun. Then botnets became a blackmailing tool. Now they're predominantly used for financial gain."

Janet Williams is a Deputy Assistant Commissioner with the Metropolitan Police Service, and she heads up the Police Central e-crime Unit (PCeU). Williams has just launched the ACPO e-crime Strategy, designed to help police forces pool their resources in response to e-crime.

"This strategy is designed to assist law enforcement in building a response to this challenge," says Williams. "We trust that by doing so we'll enhance both industry and public confidence."

Potential botmasters tend to fit a profile, so identifying them shouldn't be difficult, as F-Secure's Mikko Hypponen points out:

"It's often the people with the skills but without the opportunities," he says. "Many of these online criminals are coming from developing countries. If you know how to code and are living in London – great! You'll get a job easy," says Hypponen. "If you know how to code and are living in Siberia – not so great."

Mikko hypponen

ALL ABOUT THE MONEY: Mikko Hypponen says many will still "choose the dark side", even with the opportunity to go straight

"The only real way to find the perpetrators, like traditional bank robberies, is to follow the money," Roger Thompson, Chief Research Officer at AVG Technologies, told us. "However, even this becomes difficult as it involves multiple countries and there are many different layers and players."

The strongest psychological factor for many botmasters may simply be the excitement of breaking the law, as Hypponen concludes: "Some people would have the opportunities but still choose the dark side…" he says.

Latest in Computing
Apple WWDC 2025 announced
3 things Apple needs to do at WWDC 2025 to save Apple Intelligence, and why I'm convinced it will
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
Apple MacBook Air M3 on yellow background with lowest price text overlay
Need a new MacBook Air? Well I've found 9 discounts you'll not want to miss, including a MacBook Air M4 Amazon deal
Youtube
YouTube Premium could be getting a new time-saving perk, showing you recommended videos directly in your playback queue
The Kiwi design K4 Boost Battery strap being worn by Hamish
I test VR headsets for a living, and this affordable headstrap is the first Meta Quest 3 accessory you should buy
Both Kiwi design G4 Pro Performance Controller Grips
I thought VR controller grips were pointless until this Meta Quest 3 accessory proved me wrong
Latest in News
EA Sports F1 25 promotional image featuring drivers Oscar Piastri, Carlos Sainz and Oliver Bearman.
F1 25 has been officially announced, with this year's entry marking a return for Braking Point and a 'significant overhaul' for My Team mode
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is currently making a major announcement about Avengers: Doomsday's cast on YouTube, and I think it's going to be a long-winded reveal
Samsung QN90F on yellow background
Samsung announces US prices for its 2025 mini-LED TV lineup, and it’s good and bad news
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch