How does a botnet operate?

A botnet operates by forming a network of infected computers that are controlled by an attacker, typically without the knowledge of the device owners. This control allows the attacker to direct these compromised machines to perform various malicious activities, such as launching distributed denial-of-service (DDoS) attacks, sending out spam emails, or stealing sensitive information. The infected devices, often referred to as "bots" or "zombies," can be used en masse to carry out commands issued by the attacker, leveraging the combined computing power and network bandwidth of all the compromised systems.

The other options provide different contexts that don't accurately describe the fundamental mechanism of a botnet. While exploiting software vulnerabilities is a method often used to infect devices, it does not define the operation of a botnet as a whole. A decentralized system of servers may be a characteristic of some kinds of networks, but botnets usually rely on a centralized control model for the attacker to issue commands. Sharing resources among different systems can occur in various computing environments but is not the operational mode of a botnet, which is primarily concerned with control and coordinated malicious activities.