Targeted e-mails were sent to employees that were engineered to attack unpatched software and sought to steal spreadsheets, Word documents and other information.Those pilfered documents were then uploaded to Web sites hosted on command-and-control servers in the U.S and the U.K. Ferguson said.