Command & Control infrastructure is commonly thought of as spun up servers using newly found or known-bad domains and IP addresses. But what about common cloud storage services being used for such purposes? We'll look at some real-world examples of APTs using this technique in the wild. We'll demo an open source tool that uses Dropbox as a Command & Control server and observe the network activity associated with this communication.