Home
HomeGlossaryCommand and Control Attack

Command and Control Attack

MITRE ATTACK layer: Command and Control

ON THIS PAGE

Unlock 442% ROI*

Control all your endpoints in a single platform.

4.6/5
Book a Demo

*Return on investment over three years as per the Total Economic Impact™ (TEI) study by Forrester

A Command and Control (C2) attack occurs when hackers create hidden communication channels between a malware-infected device and their own server, allowing them to remotely control compromised systems, steal data, and carry out malicious activities over extended periods.

How is Command and Control Attack abused

Attackers plant malware that secretly connects to their servers using disguised protocols like HTTPS or DNS. Once infected, devices become "zombies" that phone home for instructions, allowing hackers to remotely deploy additional threats, steal data, and spread laterally across networks. When multiple systems are compromised, the attacker's server controls an entire botnet of infected machines.

Why Command and Control Attack matters

C2 infrastructure gives attackers persistent remote control over compromised systems, enabling them to steal credentials, exfiltrate sensitive data, move laterally across networks, deploy ransomware, recruit machines into botnets, and cause operational disruptions all while maintaining a constant backdoor to strike whenever they choose.

Real-world example

Lumma C2 infostealer

In May 2025, the U.S. Department of Justice, Microsoft, and international partners dismantled the LummaC2 infostealer operation, seizing critical command-and-control domains that had been stealing credentials from hundreds of thousands of infected systems worldwide, effectively severing the malware's communication channels and crippling its ability to operate.

Source

Get the full attack repository

Get our entire attack repository in a single, offline-ready PDF guide, featuring 25+ real-world attacks.

Please enter a valid email.Please enter a email.
By clicking 'Download EBOOK', you agree to processing of personal data according to the Privacy Policy.

Related topics

Command and Control
Advanced Persistent Threat
Read more
Command and Control
Malware
Read more
Command and Control
DNS Tunneling
Read more

Additional Resources

Research
Achieve 442% ROI and reduce patching time by 95% — Forrester TEI Report

See how organizations gained 442% ROI and major efficiency improvements with Endpoint Central.

Read more
Security validation
Experience enterprise-grade protection proven in real-world tests — AV-Comparatives Report

Discover how Endpoint Central’s antivirus earned recognition through rigorous, real-world security validation in just eight months.

Read more
Guide
Simplify endpoint security and build cyber resilience — Endpoint Security For Dummies

Get a clear, practical guide to understanding threats and strengthening your organization’s security.

Read more

Trusted by

Unified Endpoint Management and Security Solution
Patch ManagementSoftware DeploymentEndpoint SecurityOS DeploymentAsset ManagementMobile Device MgmtTools & Configurations