ESET Online Help

Search English
Select the topic


A combination of the words robot and network, a botnet is a group of computers (the "bots") communicating with each other and with their command-and-control (C&C) server(s).

In information security, bots are computers whose security defenses have been breached. They are running malicious software that enables a third-party to control them without the consent of the computer’s owner or legitimate operator. Home computers are often compromised in this way, but bots have been found in school, business and government-owned computers. However, in some cases, the bots are compromised servers. For example, ESET researchers discovered a large and sophisticated operation named "Windigo", in which an organized group of criminals compromised over 25,000 unique Linux and UNIX servers.

Botnets are typically used to generate spam, spread other malware (including copies of themselves) or flood a network or Web server with excessive requests to cause it to fail (denial of service attack, DDoS). Botnets have also been used for phishing, transferring stolen data, and other financial crimes.

ESET uses Botnet Protection technology that searches outgoing network communications for known malicious patterns and matches the remote site against a blacklist of malicious ones. Any malicious communication detected is blocked, reported to the user, and optionally to ESET.