A malicious campaign targeting entities from North America, Europe, Asia, and the Middle East during March used a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to create a command-and-control (C2) infrastructure. Palo Alto Networks’ Unit 42 discovered that the threat actors behind the campaign dubbed “Aggah”” employed the C2 infrastructure built using only legitimate services to drop RevengeRAT payloads on organizations from “”Technology
Source: Hospitality