What malware was the first to use a client-server architecture to relay commands?
The earliest that I could find appears to be NetBus which was written in early 1998. The next closest would be Back Orifice, which was written in August 1998.
However, these two pieces of malware were very popular, so I’m curious if there were any others which were discovered before then. I don’t think backdoored versions of telnet count for this.