Botnet

Sec+ Glossary 📖 • Threats ⚠️ • Network Attacks 🎯 • Security+ 02 • Difficulty: free

What is Botnet?

A botnet is a network of compromised devices that are remotely controlled by an attacker, often through a command-and-control system. Botnets are used to carry out large-scale malicious activity such as DDoS attacks, spam campaigns, credential attacks, and malware distribution.

Examples

A botnet of infected home routers and cameras is used to flood a target website with traffic during a DDoS attack.
A criminal group uses a botnet to send large volumes of phishing emails from many different IP addresses.

Discover 🔎

A single compromised device can cause harm, but thousands of compromised devices working together can overwhelm defenses. That is the power of a botnet. Botnets turn ordinary devices into a coordinated tool for attackers. Many botnets include not only computers, but also IoT devices like cameras and routers, because they are often poorly secured and rarely monitored.

Remember: A botnet is about scale. The attacker does not need one powerful machine when they can control thousands of small ones.

Summary 📝

A botnet is a group of compromised devices controlled remotely through command-and-control infrastructure. Botnets enable large-scale malicious activity such as DDoS, spam, and credential attacks, and they often include poorly secured IoT devices. Defense focuses on preventing device compromise, limiting outbound C2 communication, monitoring for suspicious patterns, and preparing for distributed attacks.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.