Botnet
A network of compromised computers controlled remotely by a threat actor.
Full Definition
A botnet is a collection of internet-connected devices — computers, servers, mobile phones, or IoT devices — that have been infected with malware and are remotely controlled by a threat actor, often called a "botmaster" or "herder." The individual compromised devices are referred to as "bots" or "zombies."
Botnets are used for a wide range of malicious activities including distributed denial-of-service (DDoS) attacks, spam campaigns, credential stuffing, cryptocurrency mining, and distributing additional malware such as infostealers or ransomware. Modern botnets communicate through command-and-control (C2) infrastructure, which may use encrypted channels, peer-to-peer networks, or even legitimate platforms to avoid detection.
Infostealer botnets specifically harvest credentials, cookies, and sensitive data from infected endpoints, with logs sold to other criminals on dark web marketplaces.
Related Terms
Command and Control (C2/C&C)
Infrastructure used by threat actors to remotely communicate with and control compromised systems.
Malware & Infrastructure
Infostealer
Malware designed to silently harvest credentials, cookies, and sensitive data from infected devices.
Malware & Infrastructure
Credential Stuffing
Automated injection of stolen username/password pairs to gain unauthorized access to accounts.
Attack Types
Malware
Any software intentionally designed to cause harm, disrupt, or gain unauthorized access to systems.
Malware & Infrastructure