Source |
SANS Institute |
Identifier |
7663343 |
Publication date |
2022-10-24 07:12:13 (viewed: 2022-10-24 09:05:37) |
Title |
C2 Communications Through outlook.com, (Mon, Oct 24th) |
Text |
Most malware implements communication with its C2 server over HTTP(S). Why? Just because it works! But there are multiple ways to implement C2 communications: DNS, P2P, Layer 7 (Twitter), ... Another one that has become less popular with time is SMTP (email communications). I spotted a malicious Python script that exchanges information with its C2 server through emails.
|
Sent |
Yes |
Tags |
Malware
|