Beacon

Malware beaconing is one of the first network-related indications of a botnet or a peer-to-peer (P2P) malware infection. A botnet is a network of computers infected with malicious software that’s being controlled by a remote malicious party without the owner’s knowledge.

P2P infections indicate malware that is laterally moving to infect one system after another. After malware infects a vulnerable host, it quickly scans the host environment and initiates a command and control (C2) channel with its creator (i.e. the intruder).

The compromised host then initiates regular interval malware beaconing calls out to the C2 infrastructure to await further installation or to begin data exfiltration.