They definitely do, with real life exploits using pastebin or reddit as ways to post C2 code.
Effective, because you can post it as HTTP/HTTPS traffic that generally flies under the radar of a lot of IDS/IPS systems. Even if they inspect the packet it's just a buncha random reddit gibberish and you could use memes as commands, e.g. "I also choose this guy's wife" == launch attack
Effective, because you can post it as HTTP/HTTPS traffic that generally flies under the radar of a lot of IDS/IPS systems. Even if they inspect the packet it's just a buncha random reddit gibberish and you could use memes as commands, e.g. "I also choose this guy's wife" == launch attack