
A Brief History of the Botnet



Trend Micro solutions architect Rik Ferguson has tried to pin down the history of the botnet and, for the first time, to name and shame the first two pieces of malware that started the botnet ball rolling.

Narrowing it down to either Sub7 or Pretty Park (a Trojan and a worm, respectively), Ferguson says that both introduced the concept of the victim machine connecting to an IRC channel to listen for malicious commands.

Both pieces of malware first surfaced in 1999, and "botnet innovation," as Ferguson called it, has been constant since then.

"Notable points along the botnet timeline are numerous. First up, the emergence of the Global Threat bot, or GTbot, in 2000. GTbot was based on the mIRC client, which meant that it could run custom scripts in response to IRC events and also importantly that it had access to raw TCP and UDP sockets, making it perfect for rudimentary Denial of Service attacks, some attacks went as far as scanning for Sub7 infected hosts and updating them to GTbots," writes Ferguson this week on Business Computing World.

Ferguson goes on to discuss the fact that early bots were aimed at remote control and information theft, but the move toward modularization and open sourcing led to a huge increase in variants and the expansion of functionality. As Ferguson points out, malware authors gradually started to introduce encryption for ransomware as well as HTTP and SOCKS proxies, allowing them to use their victims for onward connection, or FTP servers for storing illegal content.

You can read the original article here.

