A malicious campaign targeting corporations from all over the world was observed while using a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to deliver Azorult and RevengeRAT malware. The malware is delivered onto the targets’ computers using a phishing campaign that uses emails bundling malicious Microsoft Excel document attachments which, once opened, would drop a VBS script payload. A similar campaign dubbed “Aggah”” by the Palo Alto Networks’ Unit 42 researchers who spotted in March
Source: