Normally a botnet is built by criminal hackers to use other people’s computers to make money. But one anonymous hacker built a botnet for the purpose of measuring the vulnerability of all computers on the Internet. This Carna (Latin for “health”) “snoopnet” found that there were 1.3 billion IP addresses (every PC or other device connected to the Internet has a unique IP address) active and another 2.3 billion that appeared to be inactive. The nine month scan of all these devices found that three percent of the 1.3 billion active PCs had one or more ports open (they were very vulnerable) and only 11 percent were using a firewall. Some 56 percent had reverse DNS (Domain Name System) records, meaning that these IP addresses could send and receive email.
Snoopnet eventually grew to include 420,000 infected (with software that did the scanning) PCs and devices (routers, printers, webcams, and the like that were easy to hack for his purposes) and this enabled all four billion IP addresses to be probed in a day. Thus, despite all the effort spent on protecting computers (and other devices like routers, printers, and such with IP addresses) from hackers, there are still plenty out there that are vulnerable. This is either because the user is unable or unwilling to install security software or because theoretically protected systems were sloppy or did not get software updates quickly or at all. Many of the devices (non PCs) should not have been connected to the Internet at all but the user usually did not know better and the manufacturer underestimated the vulnerability. For this reason many of the vulnerable devices use Linux, which has a reputation of being a poor target for hackers (because so few people use it). But many of the non-PC devices use Linux.
PCs or devices illegally controlled by hackers are called zombies (or bots) and a large number of them are called a botnet. Nearly all of these botnets are used for making money, and a botnet of 100,000 PCs can make you a millionaire. A botnet can launch massive probe of military networks, seeking weaknesses, which can then be exploited to turn some military PCs into bots or just grab some secrets and scoot. Snoopnet took advantage of the fact that routers, printers, and the like are in fact little PCs that are usually very vulnerable to hacking.
The anonymous researcher posted a report of his nine month effort at internetcensus2012.bitbucket.org/paper.html