Which protocol has historically been used by botnets for communication with handlers?

The protocol that has historically been used by botnets for communication with handlers is IRC, or Internet Relay Chat. This protocol was popular among early botnets due to its real-time messaging capabilities and the ability to specify channels or rooms that could facilitate communication between compromised bots and their command-and-control servers.

IRC allows for a straightforward setup where the botmaster can send commands to infected machines in a chat-like environment, enabling quick dissemination of instructions and updates. The simplicity of IRC in maintaining a lightweight and less detectable means of communication made it an appealing choice for these malicious networks.

While other protocols like HTTP, FTP, and SMTP can also be used for various aspects of botnet activities, they don't possess the same level of immediacy and interactive communication that IRC provides. HTTP might be used for command and control communication but can easily be scrutinized by security tools, while FTP is typically used for file transfers rather than real-time control. SMTP is primarily for email, making it less suitable for the direct command-and-control functionalities typical of botnets. Thus, IRC is particularly noted for its historical significance in the realm of botnet communications.