When Botnets Attack

Abstract: 

Botnets are known to be parts of larger cyber networks, usually controlled by one entity that seeks to spread malware among unknowing recipients. Spreading the malware turns recipient computers into “bots”, with their owners usually completely unaware of this. Hackers tend to target computers that lack protection such as firewalls or anti-virus programs. Even though botnets have been around for nearly 20 years, they are becoming increasingly common and harmful. Though they mainly act by spreading harmful malware among computers, they do not always have the same final goal in mind. Cybercriminals can utilize botnets in various ways and for many different purposes. Isa Oyekunle mentions the different types of bots that criminals and hackers use to carry out their malicious tasks, including: “Phishing, Spambots, Bricking, Cryptojacking, Snooping, Distributed Denial-of-service attacks, and Brute force attacks”. These types of bots enable financial extortion, cryptocurrency scams, and access to personal data, among other things. According to CrowdStrike, attacks usually take place in 3 steps: exposure, infection/growth, and activation. The first step involves, as the name itself suggests, initial exposure to malware through the controlling entity’s exploitation of a target’s vulnerabilities. Once a device owner is deceived, the second step can occur. This step includes the delivery of malware, after which the controlling entity connects the infected device either to a specific control center or to other infected devices. The final step involves launching the desired attacks after a large number of devices have been infected. The interconnectedness of such a large number of devices in the cyber domain facilitates the growth and spread of malware and botnets. It is therefore extremely important for companies to adopt security measures that ensure the safety of their institution and connected entities.
Some of the common methods of defense that companies can adopt include bot traffic analysis, catching bots so that they can be blocked, and using bot detection (such as CAPTCHA libraries). Though botnets usually, as mentioned earlier, aim at infecting as many devices as possible, every user/computer pair can play a vital part in mitigating their spread. By ignoring suspicious ads, emails, and even phone calls, and by keeping certain cyber security measures in mind, we can decrease the success of botnets and their resulting cyberattacks.

Author: 

Chuck Brooks

Year: 

2022
