Trend Micro has uncovered a new piece of malicious software that appears to be using the note-taking service Evernote as Command and Control(C&C) Server.
The Trojan , dubbed as VERNOT, can perform several backdoor commands such as downloading , executing and renaming files. It harvests information of affected system .
Here is the interesting part, the malware receives malicious instructions from the Evernote accounts and at the same time, it stores the harvested information in the Evernote accounts.
"Misusing legitimate services like Evernote is the perfect way to hide the bad guys’ tracks and prevent efforts done by the security researchers." Researchers pointed out.
This is not the first time that a popular legitimate service is being abused as C&C server - In the past, Google Docs, Sendspace, Twitter, and other services have been used by Cyber Criminals to send instructions to malware.