
Zombie Bots and Botnet Attacks 

December 10, 2020

What hackers are using to sink your ad campaigns, crash your websites, and send you to the bottom of search engine results pages, and how to stop them.

Zombie bots, botnet attacks, bot herders, and botmasters. You would be forgiven for thinking these all sounded a bit silly, childish even. In reality, though, they are the words used to describe the hackers and their tools that will be responsible for $6 trillion in global damages throughout 2021 alone. In other words, if the hacking economy were a country, it would be the third-largest in the world behind the US and China, and these would be its citizens. 

What are bots, botnets, and zombie bots?

Very simply, a bot is any program on a network (for our purposes the internet) that can interact with other elements in that network, without human input for each individual task. While this may sound scary, bots are actually vital for the internet to function. In fact, they are neither good nor bad by definition but are simply a tool to be used. Like any tool, whether bots are ‘good’ or ‘bad’ depends entirely on who is using them, and why.

[Figure: typical structure of a botnet attack]

Good bots, for example, crawl through the internet so that search engines can effectively show you the relevant pages for your search. Without them, the internet would simply be a mass of pages and you would not be able to find anything without its exact web address. Bad bots, meanwhile, can be used to harm your business in any number of ways. From having your content stolen to crashing your whole site, if you are ever the victim of a cyber-attack, you can bet that somewhere along the line bots were involved.

Malicious bots used individually, however, are largely ineffective and can’t really cause you or your business that many issues. This is why hackers don’t use just one bot from one computer; they use thousands. Naturally, these thousands of computers need to come from somewhere, and generally speaking that place is the unsuspecting user at home. Each infected computer then becomes a tool for the hacker to use without the user knowing. To go by another name, it becomes a zombie bot. These zombies form a botnet. All together, they are more than capable of causing your company issues.

 

How do hackers create malicious botnets?

All of this begs a question. How do hackers, often called bot herders or botmasters, turn these computers into zombie bots in the first place? There are many answers to this. Sometimes they can be installed through questionable downloads on free sites or through pop-ups telling a user they already have a virus and need to click a flashing install button to ‘remove’ it, only for them to actually infect themselves when they do.

Another way they spread is through malicious links on social media. The overwhelming majority of the time, though, these bots are delivered by email, which, according to a wide-scale study by tech conglomerate Verizon, accounted for up to 94% of all malware delivery in 2019.

These are known as phishing emails and are generally disguised as coming from reputable companies in order to appear trustworthy and coax the user into clicking on an infected link. The more obvious phishing attempts use a badly placed well-known brand logo or incomplete English. It may sound surprising, however, that a lot of them are actually incredibly sleek and professional. So sleek and professional, in fact, that if you are rushing or not fully paying attention, it is often easy to become a victim.

They will lure you in and create a sense of urgency, either with a limited time offer to make you drop your guard or a panic-inducing charge about to be made to your account. These are powerful tools and are often used in conjunction with personal information about you, or your history with the company they are impersonating. 

Whether it is an email or a social media scam, the next step is the same. After the bot herder has persuaded a user to click on the infected link, a trojan will be installed onto the user's device, giving the bot herder control over it. Now they can use this device as part of a botnet without disrupting the user experience enough for the user to ever notice. Once they have enough zombie bots under their command, they can begin to cause irreparable damage to your company.

What can hackers do with a botnet army? 

There are many different ways a botnet can be used to harm legitimate users on the internet. Botnets can spread onto business or government pages to steal sensitive information for later use, fraudulently mine for cryptocurrencies, or simply spread more phishing emails to grow the botnet even more. When it comes to directly attacking your business, however, there are three main botnet attacks which you need to be concerned about:

 

  • DDoS (distributed denial of service) attacks are the most common and by far the most damaging of these online assaults. The botmaster will flood your website with thousands, hundreds of thousands, or even millions of bots, in order to disrupt your service and bring you down. While DDoS results can fully shut down a website if they overload it completely, the far more common result is that it is simply slowed down so much that it becomes effectively unusable. 

 

  • Click Fraud using botnets has gone down in popularity in recent years due to the rise of click farms. Click farms take advantage of low-wage workers in developing countries to commit their fraudulent activities and decimate a marketing campaign. The botmaster will get the bots to click on your ads, fill out forms, and simulate real user activity to eat up your budget without even one real visitor.

 

  • Content Scraping is the act of using bots to steal the information on your website. This can then be used to undercut your prices for the same product, take ideas, or flat out copy content to damage your search engine ranking.

 

How will I know if my business is being attacked by bots, and what can I do to stop it?

No matter how a botnet is attacking your company, the signs are the same, and so is the solution. Bots attacking your website will not behave exactly like humans. They will fail to log on, abandon carts, have irregular viewing behavior, and fill in forms suspiciously. They will flood your website all at once, and not stick to your usual usage metrics.
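As an added illustration (not code from Anura or from the original article), the sketch below checks two of the signs listed above, flooding and repeated failed log-ons, per client over a constructed access log. The log format, the `/login` path, the IP addresses and every threshold are assumptions chosen for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=10)        # assumed burst window
MAX_PER_WINDOW = 20                   # assumed ceiling for one human visitor
MIN_LOGINS, MAX_FAIL_RATIO = 5, 0.8   # assumed failed-login thresholds

def sample_log():
    """Constructed access-log lines: timestamp, client IP, method, path, status."""
    t0, lines = datetime(2020, 12, 10, 10, 0, 0), []
    def add(ip, offset_s, method, path, status):
        ts = (t0 + timedelta(seconds=offset_s)).isoformat()
        lines.append(f"{ts} {ip} {method} {path} {status}")
    # Human visitor: a few requests, one mistyped password, then a purchase.
    for i, (m, p, s) in enumerate([("GET", "/", 200), ("POST", "/login", 401),
                                   ("POST", "/login", 200), ("POST", "/checkout", 200)]):
        add("203.0.113.5", 40 * i, m, p, s)
    for i in range(30):   # Fast bot: 30 failed logins in about six seconds.
        add("198.51.100.7", 0.2 * i, "POST", "/login", 401)
    for i in range(6):    # Slow bot: stays under the rate limit but never logs in.
        add("192.0.2.9", 30 * i, "POST", "/login", 401)
    return lines

def flag_bots(lines):
    """Return {ip: set of signals} for clients whose behaviour looks automated."""
    by_ip = defaultdict(list)
    for line in lines:
        ts, ip, method, path, status = line.split()
        by_ip[ip].append((datetime.fromisoformat(ts), method, path, int(status)))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e[0])
        signals, window = set(), deque()
        for ts, *_ in events:             # Signal 1: flood within a sliding window
            window.append(ts)
            while ts - window[0] > WINDOW:
                window.popleft()
            if len(window) > MAX_PER_WINDOW:
                signals.add("burst")
        logins = [s for _, m, p, s in events if m == "POST" and p == "/login"]
        failed = sum(s in (401, 403) for s in logins)   # Signal 2: failed log-ons
        if len(logins) >= MIN_LOGINS and failed / len(logins) >= MAX_FAIL_RATIO:
            signals.add("failed_logins")
        if signals:
            flagged[ip] = signals
    return flagged

if __name__ == "__main__":
    for ip, signals in flag_bots(sample_log()).items():
        print(ip, sorted(signals))
```

The slow client never exceeds the rate ceiling, so only the failed-login ratio catches it, which is why a request-rate limit on its own misses members of a botnet that each send little traffic.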

To protect yourself from botnet attacks, you need to know who is visiting your site in real-time. You need to analyze where incoming traffic is coming from and what it is doing. You need to be able to identify bots before the issue gets out of hand. You will more than likely require an ad fraud solution. 

A professional, high-quality ad fraud solution, such as Anura, will monitor your traffic constantly to determine who is real and who is not. We will then tell you with confidence which users are fraudulent, and which are genuine visitors. This allows you to clear out the bad while keeping the good.

Your business is free to go back to doing what you do best, without having to worry about where the next attack is coming from. In the modern age, no one is too big or too small to be targeted by hackers taking the easy road to riches, but you can control how hard it is to hit you. Don’t be an easy target: request a free trial today.