You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
c2
About this tag
The c2 tag on WindowsForum.com covers content related to command-and-control infrastructure in cybersecurity threats. Recent discussions focus on the GhostRedirector campaign, where a threat actor compromised Windows servers to deploy custom tools like the Rungan backdoor and Gamshen IIS module for SEO fraud. This tag is relevant for users interested in server-side malware, backdoor analysis, and threat actor tactics targeting IIS environments.
ESET Research has uncovered a previously undocumented threat actor it calls GhostRedirector, which in June 2025 was found to have compromised at least 65 Windows servers across multiple countries and deployed two custom tools — a C++ backdoor named Rungan and a native IIS module named Gamshen...