Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library


Command and Control Mechanism Trends in Exploit Kits, RATs, APTs, and Other Malware

  • Abstract

    Command and control (C2) mechanisms in malware continue to evolve at a rapid pace and show no sign of slowing down. Communications TTPs favored by malicious actors just months ago may be replaced in favor of updated, more evasive approaches at the drop of a hat and with little to no advance warning. This presentation provides a brief summary of common C2 TTPs observed during 2015, noting any differences and similarities along the way, as well as provides insight into anticipated trends for 2016. Malware families covered include exploit kits (Angler), RATs, (PlugX), and selected APTs, and malware crafted to exploit zero-day vulnerabilities (CVE-2015-5119).

  • Download

Part of a Collection

FloCon 2016 Presentations