In a recent episode of his podcast, host David Mack interviewed security researcher Daniel Bierut, who created a bot that could be used to infect computers with malicious software and make them vulnerable to attacks.
Bieruts bot could be deployed on a website or via a text-based message.
The bot would collect email addresses, log in, and ask users to pay a monthly fee for the privilege of logging in.
Biersut explained that his bot was intended to “make a profit” by collecting payments, and would then upload the botnet to websites that accept the payment.
In his podcast interview, Bierute explained that the bot was designed to be used for malicious purposes.
“We thought that by making the bot a little bit more expensive, the attackers could be more likely to be willing to pay,” he said.
Bets against botnet malware are also starting to grow.
A new report published by the cybersecurity firm Trend Micro shows that the number of botnets using the botnets name has tripled in the past three years.
“This is the result of the proliferation of the bot botnets’ names, and the increased use of new botnets,” the report reads.
“The number of new Botnets, as a percentage of total botnets, increased from 2.7 percent to 5.9 percent over the same time period.”
In 2016, Trend Micro said that the total number of malware samples infected by botnets rose from 7,872 to 10,037 in the last three years, according to the report.
Brierut said that his company has developed an attack strategy that will help users stay safe in a future botnet situation.
“Our goal is to protect users from malware attacks,” Bieruets blog post reads.
Bias against bots in botnets is becoming more common.
Bats are also used to spread malware and spyware, according the report, with bots being used to conduct spearphishing campaigns and perform other malicious activities.
The authors of the report also noted that the bots have developed their own way to protect themselves.
“A few of the newer bots are still using a pre-defined configuration, but most of them use an internal database that we can access to validate what they are doing,” the researchers wrote.
“For example, in the case of a bot, we can see that the URL they used to load their botnet was a compromised site, and that the domain name is actually their own domain name, not theirs.”
While Bieruyts bot is relatively harmless, his company is also working on another botnet, dubbed “LiarBot.”
Bierutiut said in a blog post that the “Larabot” botnet is “designed to be a fully autonomous botnet,” but it can be hacked by a number of different means.
The researchers have identified several different types of vulnerabilities that can be exploited by the bot.
“One of the most common vulnerabilities is an HTTP request to get a list of all the files in the bot’s directory,” the blog post read.
“It could be exploited as a Trojan horse to download and run malware or send spam,” the article continued.
“Another vulnerability is an SQL injection vulnerability that could allow a remote attacker to access the compromised database.”
It’s worth noting that while malware in botnet domains are very common, the botbots can also be created by others, with different botnets being created by different people, said Bieruta.
“There are so many different botnet variants out there that are very easy to create, and it’s just very hard to prevent,” Brieruta said.
“And this is not to say that there are not bots that are created by malicious actors that are still available, but this is something that we need to be able to detect and combat.”
For more on botnets and malware, be sure to check out Ars Technic’s recent report, Botnets: The Rise of the Cyber-Assault Botnet.