Recruitment

Computers can be co-opted into a botnet when they execute malicious software. This can be accomplished by luring users into making a drive-by download, exploiting web browser vulnerabilities, or by tricking the user into running a Trojan horse program, which may come from an email attachment. This malware will typically install modules that allow the computer to be commanded and controlled by the botnet's operator. Many computer users are unaware that their computer is infected with bots.[2] Depending on how it is written, a Trojan may then delete itself, or may remain present to update and maintain the modules.[citation needed]

The first botnet was first acknowledged and exposed by Earthlink during a lawsuit with notorious spammer Khan C. Smith[3] in 2001 for the purpose of bulk spam accounting for nearly 25% of all spam at the time.