Malware uses Google Docs as proxy to command and control server
Malware uses Google Docs as proxy to command and control server | PCWorld
Security researchers from antivirus vendor Symantec have uncovered a piece of malware that uses Google Docs, which is now part of Google Drive, as a bridge when communicating with attackers in order to hide the malicious traffic.
The malware—a new version from the Backdoor.Makadocs family—uses the Google Drive “Viewer” feature as a proxy for receiving instructions from the real command and control server. The Google Drive Viewer was designed to allow displaying a variety of file types from remote URLs directly in Google Docs.