Google Groups Used to Control Malware
Oh, those sneaky hackers! Symantec found another way they’re hiding command-and-control (C&C) commands, this time using a private newsgroup within Google Groups. Much like the Twitter discovery last month, this is yet another way to hide bot control in legitimate communication.
"This technique is analogous to the use of encoding messages in newspaper ads that were commonplace in spy novels," Zulfikar Ramzan, technical director of Symantec Security Response, told eWEEK. "What attackers are taking advantage of are online mediums that allow pretty much anyone to post content and are both highly available as well as readily accessible from the outside. I believe they are going down this route since it represents a very easy and inexpensive avenue for setting up command and control."
