A family member of mine has received notification from their ISP (Verizon) that the home network was targeted by a botnet, and soon afterwards received notification that a computer on the network was now acting as a malicious bot. I can’t go into details as to why I suspect this is a targeted attack, but to summarize, it would be some extreme coincidence if it wasn’t a targeted attack for information that computers on the network access. I have already disconnected and shut down the computer that Verizon named as acting bot-like, but I don’t know exactly how to move from here.
How would I go about detecting and removing what is controlling the infected computer? My initial guess is to use something like Snort? Or is this just completely over the head of anyone not a professional and I should just nuke the hard drives?
How would I figure out how it even got control of the computer in the first place?
And how can I protect against a (what I assume to be) targeted attack if it happens again in the future?
If it is of any help, I do have some, albeit limited, experience using Kali Linux and the tools in it.