Command and Control

A command-and-control (C&C) server is a computer controlled by an attacker or cyber criminal which is used to send commands to systems compromised by malware and receive stolen data from a target network. Many campaigns have been found using cloud-based services, such as webmail and file-sharing services as C&C servers to blend in with normal traffic and avoid detection.

C&C servers serve as command centers that malware related to targeted attacks use to store stolen data or download commands from. Establishing C&C communications is a vital step for attackers to move laterally inside a network. They also serve as the headquarters for compromised machines in a botnet. It can be used to disseminate commands that can steal data, spread malware, disrupt web services, and more.