What is a Botnet

Here, a bot is software that remotely controls a computer, and a botnet is a network of such remotely controlled computers. The controlled computers are infected with the malware that is used to control them. A botnet can be made up of hundreds, thousands or even millions of computers.

Bots (short for robots), as mentioned above, can be used for good or bad activities, even though most people refer to them as a type of malware.

More on Botnets

Computers that are part of a botnet are infected, and the installed bot or malware contacts a remote server or nearby bots to carry out instructions issued by the person who created and controls the botnet. With a vast network, the attacker can control a large number of computers for malicious purposes.

The bot malware is not the only thing that can be installed on a computer in a botnet. Keyloggers can also be installed to record keystrokes, capturing user names and passwords for sensitive data such as bank account details. Since a controlled computer is just one part of the network, the attacker can use it to work with or infect other computers, or download additional malware to any particular one.

Computers get infected by bots the same way they do by viruses or other malware, mostly through outdated security software and through downloading and using pirated software.

Botnet owners mostly establish these networks to rent access to other people, since it is more profitable that way. Since the larger the network, the more profit they make, they all want to infect as many computers as possible.

With a large botnet, the attacker has endless operations he can perform, since he can use all the computers as one. A botnet can be used to perform a distributed denial-of-service (DDoS) attack on a web server. This is when a large number of computers visit a website at the same time, producing heavy traffic. This makes the website either inactive or makes it perform poorly.

Spamming is one of the operations a botnet can be used for; this consists of sending hundreds of thousands of emails, which requires processing power that can be acquired far more cheaply with a botnet. Click fraud is made possible by directing the bots to click on ads. Remote computers can also be used to mine Bitcoins, which the attacker later sells for cash. Mining Bitcoins uses a lot of electricity, and that cost falls on the victim, not the attacker.

There are several different ways a botnet owner, or a person renting the network, can make money from it. Since the bot can be used to download additional nasty stuff onto your computer, you could find your computer infected with malware, keyloggers, adware or ransomware like CryptoLocker.

How the Owner Controls a Botnet

The most common way is to have the bots regularly download an instruction file from a server, generally known as a command-and-control server, which tells the bots which operations to perform.
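Regular polling of this kind leaves a timing pattern a defender can look for in proxy or DNS logs. The sketch below is an added example, not part of the original post: it flags client/host pairs whose requests are almost evenly spaced. The log format, host names, IP addresses and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample proxy log: "<epoch seconds> <client IP> <host> <path>"
SAMPLE_LOG = """\
1700000000 10.0.0.5 cdn.example.test /tasks.txt
1700000041 10.0.0.7 news.example.test /
1700000049 10.0.0.7 news.example.test /world
1700000301 10.0.0.5 cdn.example.test /tasks.txt
1700000420 10.0.0.7 news.example.test /sport
1700000598 10.0.0.5 cdn.example.test /tasks.txt
1700000902 10.0.0.5 cdn.example.test /tasks.txt
1700001199 10.0.0.5 cdn.example.test /tasks.txt
1700001350 10.0.0.7 news.example.test /tech
1700001500 10.0.0.5 cdn.example.test /tasks.txt
1700001802 10.0.0.5 cdn.example.test /tasks.txt
1700003900 10.0.0.7 news.example.test /weather
1700003911 10.0.0.7 news.example.test /weather/today
"""

def find_beacons(log_text, min_requests=6, max_cv=0.10):
    """Return [(client, host, mean_interval_seconds)] for pairs whose
    request timing is regular enough to look like automated polling."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 4 or not parts[0].isdigit():
            continue  # skip malformed lines
        times[(parts[1], parts[2])].append(int(parts[0]))
    hits = []
    for (client, host), stamps in sorted(times.items()):
        if len(stamps) < min_requests:
            continue  # too few samples to judge
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg == 0:
            continue
        # Coefficient of variation: low = evenly spaced requests
        if pstdev(gaps) / avg <= max_cv:
            hits.append((client, host, round(avg)))
    return hits

if __name__ == "__main__":
    for client, host, interval in find_beacons(SAMPLE_LOG):
        print(f"{client} polls {host} about every {interval}s")
```

Legitimate software such as update checkers polls on a schedule too, so a hit is a lead to investigate rather than proof of infection.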

Another way, though very easily stopped, is for the bots to connect to an Internet Relay Chat (IRC) channel hosted on a remote server and wait for instructions. This is easily stopped by taking down the server, which makes the bots unreachable by their creator.

Botnets also make use of a peer-to-peer style of communication, in which one bot talks to a nearby bot, which then passes the information on to the next, and the chain continues. This makes it less easy to stop, since there is no single communication point. This communication is very similar to the DHT network used by torrents and can be fought by issuing fake commands or by preventing bots from communicating with each other.

It was recently discovered that some botnets were communicating via the Tor network. Tor, which is known as one of the most encrypted networks, if not the most, and is designed to be as anonymous as possible, was used by the bots to connect to a hidden service inside it. No matter how encrypted these criminal services were, the NSA was able to pull some magic tricks. Tor hidden services were also used by the rather popular online illegal drug shopping website known as Silk Road. The owner of the website slipped up before the police could get the location of the servers so as to shut it down.

In simple terms, botnets are simply an interconnection of several computers infected by a bot and controlled by its creators, mostly for malicious use and profit making.

Miguel

I started this tech blog back in 2011 as a place to write down processes I took to fix my client systems and network. Now I write some tips and tricks to help others with the tech issues that one might encounter.
