They are only installed on file servers.

They exploit vulnerable components.

They are often hidden in plain sight.

They are always encrypted.

By blocking all external connections.

By installing antivirus software.

By tricking the application into downloading malicious scripts.

By encrypting all data on the server.

Netcat

PowerSploit

HTTP Tunnel

C99 Shell

To pass TCP traffic through DNS traffic.

To block all DNS requests.

To encrypt all DNS queries.

To create a new DNS server.

To find the best antivirus software.

To ensure their malware is undetectable by common antivirus software.

To upload their personal files for safekeeping.

To share their malware with other attackers.