Malware
Command and Control (C2)
Also known as: C2, C&C, Command-and-control server
Definition
The infrastructure and channels attackers use to maintain communication with compromised systems and send them instructions.
Examples
- Cobalt Strike Beacon's HTTPS, DNS, and SMB-pipe C2 channels.
- Domain generation algorithms (DGAs) used by Conficker to generate hundreds of pseudo-random C2 domains daily.
Related terms
Botnet
A network of internet-connected devices infected with malware and remotely controlled by an attacker to perform coordinated activities.
Backdoor
A covert mechanism that bypasses normal authentication or access controls to give an attacker future entry to a system.
Remote Access Trojan (RAT)
Malware that gives an attacker covert, interactive control of an infected device, similar to a hidden remote-administration tool.
Advanced Persistent Threat (APT)
Threat Intelligence
Evidence-based knowledge about threats and threat actors — including indicators, TTPs and context — used to guide security decisions and detection.
Malware
Any software intentionally designed to disrupt, damage, or gain unauthorized access to computers, networks, or data.