The attacker has his own version of the bot, only slightly advanced, with the ability to change the configuration. In fact, changing configs will be considered a command. The main parameter is the bot version. If it is larger than that of the bot on the neighboring machine, then the neighboring bot will want to download new files and configs and update to a more up-to-date state, and then the new functionality will arrive.
Other bots regard the bot on the attacker's computer as a normal bot. They don't know that the attacker is setting it up manually. Thus, it is much more difficult to catch him. Plus, such a botnet is more resistant to various problems on the network.
The principle of operation resembles torrents. It is enough that at least one lich downloads the film completely, and it already becomes a feast, and the source can easily go offline, and it is no longer possible to determine the source (except for a topic created on a forum, but botnets do not have this).
Each bot randomly polls different ips and looks for brothers, checks with them, who has a newer and more correct config. In which case - immediately exchange. Only unlike torrents, the file sizes are microscopic, in modern networks they download almost instantly. Although, for invisibility, you can not make sharp loads on the channel and stretch the pleasure of downloading, but these are already separate subtleties.

Bots themselves interrogate the control panel through their own channels.

this is to the issues of initialization and entry into the p2p network. in order to exclude the use of a personal server, which can be identified and disabled, they use third-party resources to initially obtain the addresses of "their" network. it could be, for example, the DHT network of a torrent, e2dk, or other large resource.

Dig towards Backscatter analysis and Fast-Flux DNS botnet