Command and Control Server

What is a Command and Control Server?

Command and control servers are computers that issue directives to devices that have been infected with ransomware or other types of malware such as rootkits. C & C servers can be used to create powerful networks of infected devices capable of performing distributed denial of service (DDoS) attacks, stealing data, deleting data, or encrypting data to execute an extortion scheme. In earlier times, a C & C server was usually under the direct control of a hacker and was capable of remaining active for years. Nowadays, they usually have a much shorter half-life.

How does it work?

A malicious network controlled by a C & C server is called a botnet. In a traditional botnet, the bots are infected with Trojans and use Internet Relay Chat (IRC) to communicate with a central C & C server.

Popular botnet topologies are:

  • Star topology – Bots arranged around a central server
  • Multi-server topology – There are multiple C & C servers for redundancy
  • Hierarchical topology – Multiple C & C servers are organized into tiered groups
  • Random topology – Co-opted computers communicate as a peer-to-peer (P2P) botnet.
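
When reviewing connection logs from infected hosts, these topologies can often be told apart by which hosts initiate connections and which only receive them. The following Python code is an added example, not part of the original glossary entry; the classification heuristic, the function name, the host names and the flow data are all assumptions constructed for illustration.

```python
from collections import defaultdict

def classify_topology(flows):
    """Classify (src, dst) connection pairs as one of the four topologies.

    Heuristic (an assumption of this example, not a standard):
    hosts that only receive connections are treated as C&C servers,
    hosts that both initiate and receive are relays or peers,
    hosts that only initiate are ordinary bots.
    """
    out_peers, in_peers = defaultdict(set), defaultdict(set)
    for src, dst in flows:
        if src == dst:
            continue  # ignore self-connections
        out_peers[src].add(dst)
        in_peers[dst].add(src)
    hosts = set(out_peers) | set(in_peers)
    if not hosts:
        return "unknown"
    servers = {h for h in hosts if h in in_peers and h not in out_peers}
    relays = {h for h in hosts if h in in_peers and h in out_peers}
    if not relays:
        # Bots talk straight to one server (star) or to several (multi-server).
        return "star" if len(servers) == 1 else "multi-server"
    # Tiered: a minority of relays sits between bots and top-level servers.
    if servers and len(relays) * 2 < len(hosts):
        return "hierarchical"
    # Most hosts both initiate and receive: peer-to-peer.
    return "random (P2P)"

# Constructed sample flows (host names are placeholders, not real indicators).
STAR = [("bot1", "c2"), ("bot2", "c2"), ("bot3", "c2")]
MULTI = [("bot1", "c2a"), ("bot1", "c2b"), ("bot2", "c2a"), ("bot3", "c2b")]
HIER = [("bot1", "tier2a"), ("bot2", "tier2a"), ("bot3", "tier2b"),
        ("bot4", "tier2b"), ("tier2a", "top"), ("tier2b", "top")]
P2P = [("p1", "p2"), ("p2", "p3"), ("p3", "p4"), ("p4", "p1"), ("p1", "p3")]

if __name__ == "__main__":
    for name, flows in [("STAR", STAR), ("MULTI", MULTI),
                        ("HIER", HIER), ("P2P", P2P)]:
        print(name, "->", classify_topology(flows))
```

In real traffic the flow list would first be filtered to hosts already known or suspected to be infected, since legitimate client-server traffic has the same star shape.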
