Stacheldraht botnet diagram showing a Zeroaccess bitcoin wiki attack. A botnet is a number of Internet-connected devices, each of which is running one or more bots.
A botnet is a logical collection of internet-connected devices such as computers, smartphones or IoT devices whose security has been breached and control ceded to a third party. Botnets are increasingly rented out by cyber criminals as commodities for a variety of purposes. Botnet architecture has evolved over time in an effort to evade detection and disruption. Typically, these botnets operate through Internet Relay Chat networks, domains, or websites.
Clients execute the commands and report their results back to the bot herder. Each client retrieves the commands and executes them. Clients send messages back to the IRC channel with the results of their actions. In response to efforts to detect and decapitate IRC botnets, bot herders have begun deploying malware on peer-to-peer networks. These bots may use digital signatures so that only someone with access to the private key can control the botnet. Newer botnets fully operate over P2P networks. This avoids having any single point of failure, which is an issue for centralized botnets.