What is a Botnet?
A group of computers that have been compromised by malicious code and is now remotely operated by attackers. Botnet can be used to execute a bunch of attacks like DoS flooding, spamming, DNS spoofing, etc. The term botnet is a combination of the words "robot" and "network." It is a collection of devices or "bots" such as computers, phones, or IoT devices, whose security has been duly compromised. These devices are controlled by the attacker via a "command and control" (C&C) software and are used to launch devastating attacks on the target.
Netenrich's proprietary threat intelligence crawls through different sandboxes to judge the extent of damage done by potential botnet malware. With this data, whenever one of our clients exhibits any of the IOCs, we can immediately warn them about a potential botnet infection. Plus, we can also block off the IP addresses of the C&Cs for them.