The IT Law Wiki


A botnet operator (also called the botnet controller)

use[s] a network, or botnet, of compromised, remotely controlled systems to coordinate attacks and to distribute phishing schemes, spam, and malware attacks. The services of these networks are sometimes made available on underground markets (e.g., purchasing a denial-of-service attack or services to relay spam or phishing attacks).[1]


"A botnet controller can communicate with its botnet and still stay in the background, unidentified and far away from any action, while the individual bots — which may belong mostly to innocent parties that may be located anywhere in the world — are the ones that are visible to the party under attack. The botnet controller has great flexibility in the actions it may take — it may direct all of the bots to take the same action, or each of them to take different actions."[2]