top of page

Command and Control (C2)

A technique used by cybercriminals to remotely control compromised systems.

Understanding Command and Control


Command and Control (C2) is a crucial stage in cyberattacks where threat actors establish communication with compromised systems. C2 infrastructure allows attackers to remotely execute commands, exfiltrate data, and maintain persistent access within a target network.

Types of Command and Control Techniques


  1. Domain Fronting

  • Hides malicious traffic behind legitimate domains to evade detection.

2. Encrypted C2 Channels

  • Uses SSL/TLS, VPNs, or Tor networks to mask communication.

3. Social Media C2

  • Attackers embed commands in social media posts, which infected systems retrieve.

4. DNS Tunneling

  • Uses the Domain Name System (DNS) to exfiltrate data and send commands.

Challenges and Considerations


  • Encrypted C2 Traffic: Attackers use encryption to evade detection.

  • Rapid Infrastructure Changes: Malicious domains frequently change.

  • Detection Evasion Techniques: Advanced C2 frameworks mimic legitimate traffic.

DC_stationary_R2-08.png

© 2025 DeepCytes. All Rights Reserved.

Locate Us

​Express Towers, Marine Drive,Nariman Point, Mumbai - 400021

Legal

Follow Us

bottom of page