Serbian Journal of Electrical Engineering, Volume 17, Issue 3, October 2020, Pages 357-375

Malware Command and Control Over Social Media: Towards the Server-less Infrastructure (Article) (Open Access)

  • (a) DiploFoundation, Braničevska 12a, Beograd, 11000, Serbia
  • (b) Singidunum University, Danielova 32, Beograd, 11000, Serbia

Abstract

Intrusions into computer systems are becoming increasingly sophisticated. Command and Control (C2) infrastructure, which enables attackers to remotely control infected devices, is a critical component. Malware is set to connect to C2 servers to receive commands and payloads, or upload logs or stolen files. Since techniques for detecting traditional C2 servers are also advancing, attackers look for ways to make C2 communication stealthy and resilient. Increasingly, they hide C2 communications in plain sight, in particular on social media and other cloud-based public services. In this paper, we identify several emerging trends in the use of social media for C2 communications by providing a review of the existing research, discuss how attackers could combine these trends in the future to create a stealthy and resilient server-less C2 model, look at possible defence aspects, and suggest further research. © 2020. All Rights Reserved.

Author keywords

Botnet; Command and control; Encryption; Security; Social media
  • ISSN: 14514869
  • Source Type: Journal
  • Original language: English
  • DOI: 10.2298/SJEE2003357R
  • Document Type: Article
  • Publisher: University of Kragujevac, Faculty of Science

  Radunović, V.; DiploFoundation, Braničevska 12a, Beograd, Serbia;
  Veinović, M.; Singidunum University, Danielova 32, Beograd, Serbia;
© Copyright 2024 Elsevier B.V., All rights reserved.

Cited by 4 documents

Al lelah, T., Theodorakopoulos, G., Reinecke, P.
Abuse of Cloud-Based and Public Legitimate Services as Command-and-Control (C&C) Infrastructure: A Systematic Literature Review
(2023) Journal of Cybersecurity and Privacy

Yao, M., Fuller, J., Sridhar, R.P.
Invited Tutorial: Counteracting Web Application Abuse in Malware
(2023) Proceedings - 2023 IEEE Secure Development Conference, SecDev 2023

Yao, M., Fuller, J., Sridhar, R.P.
Hiding in Plain Sight: An Empirical Study of Web Application Abuse in Malware
(2023) 32nd USENIX Security Symposium, USENIX Security 2023