<\/a><\/figure><\/div>\n\n\nThe Twelve group deploys web shells to the compromised web servers to carry out malicious activities, including executing arbitrary commands, lateral movements, data exfiltration, and creating and sending email. <\/gwmw><\/p>\n\n\n\n