An IoT botnet (Internet of Things botnet) is a group of hacked computers, smart appliances and Internet-connected devices that have been co-opted for illicit purposes.
A conventional botnet is made up of computers that have been remotely accessed without the owners’ knowledge and set up to forward transmissions to other computers on the Internet. The Internet of Things (IoT) is made up of not only dedicated computers but also cardiac implant monitors, household and industrial appliances, automobiles, mechanical sensors and other devices equipped with IP addresses and the ability to transmit data over a network. In the IoT context, these are known as things.
In late December 2013, a researcher at Proofpoint (a California-based enterprise security company) noticed that hundreds of thousands of malicious emails logged through a security gateway had originated from a botnet that included not only computers, but also other devices -- including smart TVs, a refrigerator and other household appliances.
Hijacked computers in a conventional botnet are known as zombies or bots. David Knight, of Proofpoint, coined the word thingbot to refer to devices other than computers that have been co-opted for a botnet.
Dan Raywood explains how thingbots could participate in an IoT botnet:
See also: IoT security