Command and Control Mechanism Trends in Exploit Kits, RATs, APTs, and Other Malware
January 2016 • Presentation
In this FloCon 2016 presentation, the author provides a brief summary of common C2 TTPs observed during 2015.
Command and control (C2) mechanisms in malware continue to evolve at a
rapid pace and show no sign of slowing down. Communications TTPs favored
by malicious actors just months ago may be replaced in favor of
updated, more evasive approaches at the drop of a hat and with little to
no advance warning. This presentation provides a brief summary of
common C2 TTPs observed during 2015, noting any differences and
similarities along the way, as well as provides insight into anticipated
trends for 2016. Malware families covered include exploit kits
(Angler), RATs, (PlugX), and selected APTs, and malware crafted to
exploit zero-day vulnerabilities (CVE-2015-5119).