1,155 reads
How Hackers Host C2 Servers on Google Infrastructure (Google Sheets & Drive)
Too Long; Didn't Read
Reading through my weekly security news and stumbled on a Bleepingcomputer article about using Google Workspace's Drive and Sheets (formerly G-Suite) to communicate and exfiltrate information natively Drive and Sheets. I thought this was a clever project because: You do not have to set up any particular domains, servers as most C2 frameworks do. (And many defense tools maintain a dynamic list of malicious domains, IPs, etc). This doesn't use common C2 and red team frameworks, such as Cobalt Strike, SilverC2, or Brute Ratel. This program and traffic only interact with Google's domains (*.google.com) to make detection more difficult for tools.
Grant Collins
@grantcollins
An I.T. nerd who wants to think he is good at cybersecurity but really is just a script kiddie.
Learn More
LEARN MORE ABOUT @GRANTCOLLINS'S
EXPERTISE AND PLACE ON THE INTERNET.
EXPERTISE AND PLACE ON THE INTERNET.
STORY’S CREDIBILITY
Video
The best videos on the Internet archived and shared on HackerNoon.
Guide
Walkthroughs, tutorials, guides, and tips. This story will teach you how to do something new or how to do something better.
L O A D I N G
. . . comments & more!
. . . comments & more!
