360 Netlab's review of P2P botnets provides valuable context for understanding why this model remains so attractive to attackers. Unlike traditional client-server architectures, peer-to-peer networks distribute functions, reduce single points of failure, and better withstand attempts at disruption, making them particularly durable infrastructure for malicious operations.
The article traces the evolution of P2P botnets from Storm in 2007 to more recent families such as ZeroAccess, GameOver, Hajime, and Mozi. The takeaway is that innovation in botnets does not always mean creating something completely new; often it means refining architectures that have already proven effective at scaling, surviving, and adapting.
The added value of the report lies in continuous monitoring. 360 Netlab does not limit itself to describing the phenomenon; it explains how to track this type of threat by observing nodes, protocols, and communication patterns, which is crucial when the infrastructure does not depend on a centralized C2 server.
As an editorial story, it serves as a reminder that many of the most persistent threats do not disappear with the capture or shutdown of operators or servers. In P2P botnets, the architecture itself is designed to survive such blows.