Chronological Look at the Biggest Botnet Attacks

The Biggest Botnet Attacks to Date 

June 12, 2022
| Ethical Hacking

A botnet attack is a specific type of attack in which a malicious hacker gains control over a series of computers. These computers are then directed by the attacker to launch massive-scale cyberattacks like Distributed Denial-of-Service (DDoS) attacks.

This results in harm to the computers taken over and the targets of the attacks, including massive financial losses (Balaban, 2021). Thankfully, ethical hacking and penetration testing can be used to stop botnets in their tracks.

2000: It Starts with EarthLink Spammer

EarthLink Spammer was one of the first botnet attacks. The attackers engaged in phishing—a cornerstone of botnet attacks—and sent emails that purported to be from well-known websites.

These phishing attacks tricked users into turning over sensitive information, including usernames, passwords, and credit card numbers, thus enabling the EarthLink Spammer to gain even more information. Its creator, Kahn K. Smith, was caught, and a USD 3 million judgment was issued against him (White Ops, 2021).

2007: The Threat Explodes

2007 was a turning point in botnet attacks. The year saw an explosion of botnet attacks, resulting in the deployment of additional cybersecurity resources and a variety of countermeasures, like penetration testing methodologies.

  • Cutwail specifically targeted Windows systems, using them to send the Pushdo Trojan, which turned computers into spambots. At its peak, Cutwail was sending 74 billion emails per day. The bot was active for years and was even rented by other malicious actors who wanted access to the sensitive personal information Cutwail could access (Uberoi, 2021).
  • Storm was one of the largest botnets in the world, if not the largest. It used mutating-code attacks to capture targets’ computers to perpetrate other attacks, sometimes using its bots to launch DDoS attacks (Garretson, 2007).
  • Zeus gained access to users’ banking information. At one point, Zeus was responsible for 90% of all online bank-related fraud and cost its targets over USD 120 million (Dark Reading, 2021). Like many botnet attacks, Zeus has evolved since its first launch and remains active today.

2008: The Threat Evolves

Despite the rise of countermeasures, 2008 saw more successful botnet attacks that evolved in both virulence and prevalence.

  • Kraken was a spyware bot that gained access to hundreds of thousands of computers, including at least 50 of the 500 largest companies in the world. At its peak, each bot was sending out up to 500,000 spam emails per day, making it the most significant in the world at the time (Balaban, 2021).
  • Mariposa was involved in stealing personal information and DDoS attacks. Although it ultimately captured more than 12 million IP addresses and infected over a million computers, Mariposa was destroyed in December 2009 and is no longer active (“Mariposa botnet,” 2021).

2016–2018: Adware and Smart Devices

As technology expanded, so did malware efforts. Certain precautions, like penetration testing, stopped significant infections. However, less secure systems were still harmed by these attacks.

  • Methbot was the name of botnet attacks that turned computers into viewers of ads, thus generating revenue for the bot’s creator. The creators of Methbot are thought to reside in Russia, and the network remains active today, potentially generating up to USD 5 million every day (Green Arrow, 2021).
  • Mirai was one of the first spambots to target Internet of Things devices. It was used in click fraud, an illegal technique of manipulating cost-per-click advertising. This botnet remains dangerous today, as it is still mutating (Cloudflare, 2021).
  • 3ve gave rise to three different yet interconnected ad fraud operations. Multiple tech companies coordinated to shut down 3ve’s operations, but not before it infected around 1.7 million computers and many servers (Uberoi, 2021).

Combating Botnet Attacks with Ethical Hacking

Botnets can present a massive challenge to the security of an organization’s IT infrastructure. Businesses must prepare for these attacks, and individuals in the cybersecurity world must learn a variety of penetration testing methodologies to test networks and fend off potential intrusions.

These botnet attacks were devastating to their targets: They impacted millions of people and cost businesses billions of dollars. Fortunately, there are opportunities to join the fight and stop cyberattacks. You can gain the skills to help organizations secure their networks by becoming a Certified Ethical Hacker (C|EH).

The C|EH, an industry-renowned credential from EC-Council, is earned after completing a robust course covering the tools and testing methodologies required to identify, exploit, and ultimately fix vulnerabilities. If you’re interested in using ethical hacking methods to combat cyberthreats—like botnet attacks—learn more about the C|EH today.


Balaban, D. (2020, October 22). The 8 biggest botnets of all time. CyberNews.

Cloudflare. (2021). What is the Mirai botnet?

Dark Reading. (2021). New massive botnet twice the size of Storm.

Garretson, C. (2007, September 28). Storm: The largest botnet in the world? Network World.–the-largest-botnet-in-the-world-.html

Green Arrow. (2016, December 21). What is Methbot?

Mariposa botnet “mastermind” jailed in Slovenia. (2013, December 24). BBC News.

White Ops. (2021). 9 of history’s notable botnet attacks.

Uberoi, A. (2021). What is a botnet attack? Cyber Management Alliance.

"*" indicates required fields

Share this Article
You may also like
Recent Articles
Become a
Certified Ethical Hacker (C|EH)

"*" indicates required fields