A threat actor has established multiple command and control channels leveraging popular legitimate services including Microsoft Outlook, Slack, Discord, and file.io for conducting online espionage operations. This approach provides redundancy and makes detection more difficult.