Security alerts and advisories
Botnets & Malware
The explosion of information and communication technology and rising e-commerce penetration have created unprecedented opportunities, and with them an unprecedented level of threat from cybercrime and data breaches.
Our Central Government bodies have taken several steps, such as spreading awareness, issuing alerts/advisories and improving cyber forensics facilities, to prevent such crimes occurring due to botnets/malware.
Internet service providers are taking all possible steps to prevent and minimize the spread of botnets/malware within their networks.
We strongly urge our customers to be aware, stay alert and take all possible measures to prevent their Internet-enabled devices from getting infected with botnets/malware, and to maintain updated security patches for their operating systems and antimalware/antivirus solutions.
A) What is a Bot?
A bot is software that is capable of compromising the victim's machine and using it for further malicious activities. These activities can be directed by the bot's command and control server.
B) What is a Botnet?
A botnet is a network of bots/compromised machines that work in sync in order to perform a malicious activity.
Botnets are typically networks of computers (devices) infected by malware (such as computer viruses, key loggers and other malicious software) and controlled remotely by criminals, usually for financial gain or to launch attacks on websites or networks. If your device is infected with this malware and becomes part of a botnet, it communicates with, and receives instructions about what it is supposed to do from, "command and control" computers located anywhere around the globe. What your device does depends on what the cybercriminals are trying to accomplish. Many botnets are designed to harvest data, such as passwords, credit card numbers, bank details, contact numbers and other personal information. This data is then used for committing crimes such as credit card fraud, identity theft, spamming, website attacks and malware distribution.
C) What are botnet activities? How can they harm my computer / device?
A botnet can perform the following activities to harm your computer / device (the list is not exhaustive):
• Harvesting information from your computer / device.
• Spreading itself to other computers / devices in network, thereby increasing its scope of compromise(s).
• Downloading other malware.
• Using your computer / device for launching cyber attacks such as spamming, Denial of Service (DoS), etc.
D) How did my computer get infected in the first place?
• Insecure browsing
• Drive-by-download attacks – visiting websites infected by malicious scripts
• Using pirated software
• Clicking on links mentioned in phishing/social engineering emails
• Opening malicious email attachments
• Malware infection via Removable Drives
• Using weak or default passwords
• Using out-of-date antivirus solutions, operating systems and applications
E) How do I know that my computer is infected with a bot?
If you witness any unusual behavior, such as unknown communication sent by the system, unidentified data consumption or self-installed applications/software, the computer / device should be scanned immediately with antivirus scanners or rescue disks, provided freely or commercially by different antivirus vendors, to detect malware/botnet infections.
F) How do I protect my computer against further attacks?
To avoid system compromises, it is advised to use licensed and genuine software, keep your system updated with the latest security patches, install and maintain updated antimalware solutions, disable Autoplay/Autorun for removable drives, etc. For other security best practices, kindly refer to the “Security Best Practices” section on “Cyber Swachhta Kendra” (Botnet Cleaning and Malware Analysis Centre).
G) How do I clean my computer from infection?
To remove the malware, you need to scan your computer / device with the tools recommended on the website of Cyber Swachhta Kendra (https://www.cyberswachhtakendra.gov.in/security-tools.html) and take steps to improve the security of your computer / device.
Advisories by CERT-In and related URLs are available on the website of Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Centre), Government of India.
• Botnet FAQ URL: https://www.cyberswachhtakendra.gov.in/faq.html
• Botnet removal tool URL: https://www.cyberswachhtakendra.gov.in/security-tools.html