RATs & Socks: Abusing Google Services

Name: RATs & Socks: Abusing Google Services
Description: Legitimate cloud services have increasingly become the preferred communication backbone for sophisticated malware — a technique sometimes called "living off trusted services" (LOTS). By channeling com

Valerio Alessandroni

DEF CON 33 · Day 3 · Main Stage

Legitimate cloud services have increasingly become the preferred communication backbone for sophisticated malware — a technique sometimes called "living off trusted services" (LOTS). By channeling com

AI review

APT41-adopted C2 infrastructure using Google Calendar and a novel SOCKS5-over-Google-Drive tunnel — operationally validated, live demos, and the SOCKS5 component is genuinely new tradecraft.

Watch on YouTube