Since the early days of the public Internet, the word
bot (from
robot) has referred to automated software programs that perform tasks on a network with some degree of autonomy. Bots can perform many beneficial and even vital functions. For example, the web crawling software programs used by popular search engines to index web pages are a class of bots, and participants in the well-known SETI@HOME program (
http://setiathome.berkeley.edu) voluntarily install bots on their computers that analyze radio telescope data for evidence of intelligent extraterrestrial life. Unfortunately, bots can also be developed for malicious purposes, such as assembling networks of compromised computers—
botnets—that are controlled remotely and surreptitiously by one or more individuals, called
bot-herders.
Computers in a botnet, called
nodes or
zombies, are often ordinary computers sitting on desktops in homes and offices around the world. Typically, computers become nodes in a botnet when attackers illicitly install malware that secretly connects the computers to the botnet and they perform tasks such as sending spam, hosting or distributing malware or other illegal files, or attacking other computers. Attackers usually install bots by exploiting vulnerabilities in software or by using social engineering tactics to trick users into installing the malware. Users are often unaware that their computers are being used for malicious purposes.