Not sure why the down votes for the article, maybe the article was updated after you read it but these were listed:

"DataByCloud Access — Posed as a productivity or security-related tool while secretly harvesting session tokens.

Tool Access 11 — Intercepted authentication data and blocked access to administrative and security settings.

DataByCloud 1 — Exfiltrated authentication cookies to attacker-controlled servers.

DataByCloud 2 — A variant with extended persistence and administrative interference capabilities.

Software Access — Enabled bidirectional session hijacking and long-term account takeover. "