ATT&CK 기법 · Command and Control

Web Service T1102

이 기법을 다룬 REVELARE 한국어 위협 분석 2편 · Command and Control

이 기법을 다룬 분석

UAT-8302: OneDrive를 C2로 위장한 중국 APT, 3개 권역 정부 침투

NarwhalRAT 분석: APT37이 설계한 pCloud 이중 C2와 30개 명령 체계

MITRE 공식 정의

Adversaries may use an existing, legitimate external Web service as a means for relaying data to/from a compromised system. Popular websites, cloud services, and social media acting as a mechanism for C2 may give a significant amount of cover due to the likelihood that hosts within a network are already communicating with them prior to a compromise. Using common services, such as those offered by Google, Microsoft, or Twitter, makes it easier for adversaries to hide in expect…

attack.mitre.org ↗ATT&CK 매트릭스

플랫폼: ESXi, Linux, macOS, Windows