Command and Control (C&C) Server

21st February 2020 | Cybrary


A Command and Control (C&C) Server is a computer controlled remotely by a cyber criminal and used as a command center to send commands to systems that have been infected with malware, usually as part of a large Bot network. Infected systems that communicate with Internet-based C&C servers can exfiltrate critical data from your organization; for example, the Emotet virus captures user passwords and sends them to C&C servers online. They can do a whole lot more damage too.

Other malware that uses C&C communications performs Crypto-mining (aka Cryptojacking), participates in Denial of Service attacks, or just lies idle, waiting for the hacker who owns the network of Bots to issue a command telling them to wake up and perform some task.

Establishing C&C communications is usually a significant step for attackers, enabling them to move laterally inside a network or organization. This is because the malware can receive new instructions and new malware with which to scan the local network for additional at-risk systems to compromise.

Related Term: Botnet, CryptoJacking or Crypto-Mining

Related Reading: What DNS Encryption Means for Enterprise Threat Hunters

Source: TrendMicro

How do I defend against this as an SMB?

Stop this malware from entering your network by educating your staff on the common sources of infection. These Bots and Botnets are malware that infiltrates your company through phishing attacks and through weakly authenticated remote access (remote access that does not use two-factor authentication). To protect against Bots and Botnets, SMB owners should always ensure they do the following:

  1. Train employees to spot and avoid Phishing Attacks.
  2. Where possible, remove Administrator Rights from your employees.
  3. Deploy next-generation Anti-virus software and keep it up to date.
  4. Ensure you enable 2-factor authentication to access your VPN, O365, G-Suite, banking, and all other critical accounts.
  5. If you have 1 through 4 in place, the next major improvement would be to adopt a Password Manager across your company. 

These steps, practices, and tools improve both your overall security and productivity.
