The Money Train that is a Botnet

How easy is it for a newbie to set up his own botnet?

Botnet is a jargon term for a collection of software robots, or bots, which run autonomously. Malicious users use a botnet to gain control over remote computers, and then use these computers for various purposes, like delivering adware for commission, or performing denial of service (DoS) attacks. A user controls these bots through a command and control infrastructure, most notably via Internet Relay Chat (IRC); IRC bots are the most common.

To answer the question: very easy. All a knowledgeable user has to do is download source code from somewhere and make a few modifications, and he is set to go! Script kiddies do this all the time, especially if there are new software vulnerabilities to exploit. (More on vulnerability exploits and zero-day exploits in a separate blog post.)

In an interview with a certain hacker, Brian Krebs concluded that script kiddies no longer hack for fun (like defacing Web sites, though some still do); they do so for profit:

"the chief distinguishing feature of this generation being that instead of using Web site flaws to deface as many Web sites as possible, these guys are breaking into thousands of home and work PCs and taking them for a virtual joyride, often times all the way to the bank."

The most daring make sure their actions are known, but those who want to earn a profit are more dangerous, since they will try their best to remain hidden. That’s why some bots use rootkits to avoid detection. And why derail the money train?