What is a Botnet?

A botnet is an interconnected network of computers that have been infected with malware without the user's knowledge. Usually controlled by cybercriminals, botnets have been used for nuisance spam and distributed denial-of-service (DDoS) attacks, which are most often characterized by fast and furious network traffic targeting a specific server. Manufacturers of network firewalls and DDoS mitigation service providers rely on these high traffic volumes to help block botnet attacks.

In recent years, botnet attacks have become increasingly insidious. The SpyEye malware program alone, for example, has been used to steal from individual's bank accounts, resulting in hundreds of millions of dollars in losses to bank institutions. Instead of relying on a quick and aggressive approach for spam or DDoS purposes, today’s botnet attacks are often stealing personally identifiable information (PII) in order to commit financial fraud. Through credential stuffing attacks, botnets have exploited billions of breached login credentials over the last decade to commit real fraud through account takeover.

Within the emerging trends uncovered in iovation’s 2019 Gambling Industry Report, cybercriminals are also using bot attacks to create a distraction while they perpetrate other fraudulent activity, which often goes undetected because of the focus on the larger scale attack.

Botnet Attack Example

A typical botnet attack involves a device serving as the botnet master, perhaps located in a high-risk geographic region or using a high-risk ISP. Using multiple command and control computers, the botnet malware spreads to other unsuspecting users’ devices. Traditional high-velocity botnet attacks can often be stopped with a combination of firewall configuration and third-party packet scrubbing services, but the new slow botnet attacks make it more difficult for the website firewalls to distinguish botnet traffic from legitimate traffic.

Learn More About Botnets and How iovation Solutions Help Protect Your Business

Botnet attacks are becoming increasingly insidious, as they aim to steal personally identifiable information (PII) or exploit the billions of breached login credentials to commit fraud. By implementing the right fraud detection solution, along with strong device authentication, you can avoid this problem to keep your customers safe.

In this solution brief, you'll learn how iovation’s FraudForce fraud prevention solution leverages the power of device intelligence and historical botnet activity while stepping up authentication from LaunchKey multifactor authentication solution helps to stop the fraud caused by botnets without causing friction for your good customers.