A botnet (short for robot network) is a collection of compromised computers that are used by some individual or organization without the awareness of their owners, usually for nefarious purposes. Any such infected computer is referred to as a bot or zombie, and thus the term zombie army is sometimes used as a synonym for botnet.

Botnet masters have a great deal of control over their zombie armies. For example, they can program them to transmit to a single computer or to many computers and to transmit at a specific time or at random times. They can use the botnets themselves or rent them out to other individuals or organizations. There are even botnet wars, in which botnet masters battle to take over or disable other botnets.

The common uses of botnets include forwarding spam or other malware (i.e., malicious software) to other computers on the Internet, distributed denial-of-service (DDoS) attacks, click fraud and obtaining various types of information. A DDoS attack can overwhelm a targeted web site with traffic and thus force it to be shut down until the attacks have subsided. Some experts believe that botnets account for about 90 percent of all spam.

The computers are typically compromised via trojans, which are a type of malware that is disguised as a legitimate program in order to entice users to download and install it. Once installed, such trojans commonly open an Internet relay chat (IRC) channel that waits for commands from the zombie army controller. IRC is an Internet protocol that allows text messaging among various computer users in real time.

Not all botnets use IRC, however. There is an emerging trend toward botnets which use peer-to-peer communications and HTTP (hypertext transfer protocol). These can be even more difficult to detect than IRC botnets, and it is not known how common they are.
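The IRC command channel described above is visible on the network because every IRC client must register with NICK and USER before it can join a channel. The following detection sketch is an added example, not part of the original article; the session record layout (`src`, `dst`, `dport`, `payload`), the function names and the sample data are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Client registration commands defined by the IRC protocol (RFC 1459/2812).
IRC_CMD = re.compile(rb"^(?::\S+ )?(NICK|USER|JOIN|PASS)\b", re.IGNORECASE)
STANDARD_IRC_PORTS = {6667, 6697}

def irc_commands(payload: bytes) -> list[str]:
    """Return the IRC registration commands found in the first client bytes."""
    cmds = []
    for line in payload.split(b"\n"):
        m = IRC_CMD.match(line.strip())
        if m:
            cmds.append(m.group(1).decode().upper())
    return cmds

def find_irc_clients(sessions, allowed_hosts=frozenset()):
    """Map internal host -> [(dst, port, reason)] for sessions that look like IRC."""
    findings = defaultdict(list)
    for s in sessions:  # hypothetical record layout: src, dst, dport, payload
        cmds = set(irc_commands(s["payload"]))
        # NICK plus USER is the handshake an IRC client sends, whatever the port.
        if not {"NICK", "USER"} <= cmds or s["src"] in allowed_hosts:
            continue
        reason = "irc-handshake"
        if s["dport"] not in STANDARD_IRC_PORTS:
            reason += "+nonstandard-port"
        if "JOIN" in cmds:
            reason += "+channel-join"
        findings[s["src"]].append((s["dst"], s["dport"], reason))
    return dict(findings)

# Constructed sample sessions (documentation address ranges, invented nicknames).
SAMPLE_SESSIONS = [
    {"src": "10.0.0.21", "dst": "203.0.113.7", "dport": 8080,
     "payload": b"NICK xk-48213\r\nUSER xk 0 * :xk\r\nJOIN #c7 secret\r\n"},
    {"src": "10.0.0.35", "dst": "198.51.100.9", "dport": 443,
     "payload": b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"},
    {"src": "10.0.0.40", "dst": "198.51.100.20", "dport": 80,
     "payload": b"GET /nick/user HTTP/1.1\r\nHost: example.test\r\n\r\n"},
    {"src": "10.0.0.50", "dst": "192.0.2.14", "dport": 6667,
     "payload": b"NICK alice\r\nUSER alice 0 * :Alice\r\n"},
]

if __name__ == "__main__":
    # 10.0.0.50 is treated as a host where an IRC client is expected.
    for host, hits in find_irc_clients(SAMPLE_SESSIONS, {"10.0.0.50"}).items():
        print(host, hits)
```

This only sees plaintext IRC; a channel wrapped in TLS, or the peer-to-peer and HTTP botnets mentioned above, will not match and need other signals.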
As is the case with other nefarious activities on the Internet, botnets are increasingly being created and used for financial gain rather than for fun, mischief or testing one's programming abilities. In addition, botnets could also have important military applications, including obtaining classified information and disabling defense systems and infrastructure during a physical attack.

Most bots are home-based computers. It is likely that many millions of computers have been compromised and are part of zombie armies. In fact, some experts estimate that as many as a quarter of all personal computers are infected. They also believe that botnets currently pose the greatest threat to the Internet, rather than viruses, worms or spam.

The battle against botnets is a difficult one, and it needs to be fought at various levels, including by governments, ISPs (Internet service providers), private sector computer security organizations and individuals. The things that an individual can do to combat botnets are similar to what should be done to combat other forms of malware, including using a relatively secure operating system (i.e., avoiding the Microsoft Windows systems), using a good firewall, not downloading and installing suspicious software, not opening suspicious e-mail attachments and disconnecting the computer from the Internet when working off line.
Created June 8, 2007.
Copyright © 2007 The Linux Information Project. All Rights Reserved.