Apr 5, 2016

Botnet Detection

Criminals often use trojans to infect a large number of computers for creating their zombie or bot networks. These bot or zombie computers form a network named botnet. As a keylogger, botnets are being used to steal a wide range of information, including tens of thousands of login credentials, generally for financial accounts, social networking sites and e-mail systems. Botnets can also be used for sending unsolicited email messages, spreading the virus and attacking computers and servers (DDOS attacks).

Botnets are the destruction army's composed of Zombie computers. These computers are always ready to take orders and can be managed remotely by a single commander. One of the famous botnet is Zeus (3.6 million) focusing on stealing financial information especially in USA. Koobface is another botnet with 2.9 million members primarily targeting to steal social accounts such as facebook, twitter or myspace. Botnets are also sold on the Internet for various purposes.

NormShield botnet control regularly checks whether an IP address or Domain Name of a customer is blacklisted or it is a member of a botnet. NormShield currently checking 300+ IP/Domain reputation sources daily and checks customer assets in 50+ million repudiation database which includes IPs, domain names, spam email addresses, spam phone numbers, URLs and more. Companies regularly updates their IP/Domain repudiation to ensure that their public IP address is whitelisted. NormShield generates alerts and sends notification to its customers.