Key Findings Suspected Malaysian government-backed operation maintained hidden command and control infrastructure for years using sophisticated obfuscation techniques Threat actors abused Cloudflare storage and CDN services to host malware, phishing material, and exfiltrated data while leveraging the platform's trusted reputation Infrastructure designed with selective access controls and adaptive response mechanisms to evade standard internet scanning and detection tools Atta