Peer to peer C2
Created the Tuesday 23 April 2019. Updated 3 years, 5 months ago.
Peer-to-peer (P2P) botnets have a random organization and operate without a C&C server. Bot software maintains a list of trusted computers (including other infected machines), information drop locations and locations where the machines can update their malware. More advanced botnets use encryption in order to hide communications between bots.
The purpose of decentralization is to help evade detection and also make it harder for security researchers to access communications than is the case with a conventional botnet topology. The lack of a command-and-control server makes it less likely that detection of a single bot can lead to investigators taking down the entire network.