DNS Deep Dive: Peeking into Back Doors to Abandoned but Live Backdoors
Backdoors allow threat actors to bypass a target organization’s normal authentication mechanisms.1 Most backdoor malware steals sensitive information and sends it to command-and-control (C&C) servers—domains under the attackers’ control.
Did you ever wonder what happens to domains that served as C&C servers? Many of them remain operational and can be accessed by other threat actors.2