A piece of malicious software spotted by Trend Micro uses the note-taking service Evernote as a place to pick up new instructions.
The malware is a backdoor, or a kind of software that allows an attacker to execute various actions on a hacked computer. Trend Micro found it tries to connect to Evernote in order to obtain new commands.
"The backdoor may also use the Evernote account as a drop-off point for its stolen information," wrote
Nikko Tamana, a Trend Micro threat response engineer.
It's not unheard of for hackers to design malware to abuse legitimate services, either to make the malware more difficult to trace or give it a less suspicious profile. In the past, Twitter
and Google Docs have been used by hackers to post instructions for their botnets.
"As stealth is the name of the game, misusing legitimate services like Evernote is the perfect way to hide the bad guys' tracks and prevent efforts done by the security researchers," Tamana wrote.