Supply chain attacks are potent cyber attacks for compromising supply chains and infecting thousands of customers depending on the supply chain. Havoc, played bythe SUNBURST attack, demands a proactive and holistic approach for the timely detection of supply chain attacks. Supply chain attacks are difficult to detect as the malware is installed through legitimate supply chains, making deployed security controls futile. The recent increases in supply chain attacks warrant a Zero-trust model for detecting supply chain attacks. The most promising technique for detecting supply chain attacks is monitoring host-based indicators and correlating these indicators with associated network activity. Establishing a Command and Control (C2) connection is one of the essential stages in supply chain attacks, and its timely detection can lead to the detection of the attack. The C2-Eye framework has introduced an all inclusive approach for detecting C2 of supply chain attacks, established over DNS. C2-Eye incorporates process-specific host-based features, correlated network activity, DNS metadata, DNS semantic analysis, and threat intelligence from publicly available resources for detecting C2 of supply chain attacks. Besides, C2-Eye monitors the C2 channel for probable data exfiltration in the backdrop of supply chain attacks. C2-Eye has introduced many unique features, offering better performance and a high detection rate. A random forest classifier has been used to classify heterogeneous C2-Eye features. C2-Eye is an effective framework for detecting supply chain attacks with an F1-score of 98.70%.