Symantec says the group, which it calls Chafer, has increased both its level of activity and the number of tools used against organizations in the Middle East. Chafer’s hit list includes airlines, aircraft services, software and IT services companies serving the air and sea transport sectors, telecom services, payroll services, engineering consultancies, and document management software. The attack makes use of the helminth malware that has been used, and continues to be developed, by Chafer and related groups.”]
Source: https://www.darkreading.com/attacks-breaches/-chafer-uses-open-source-tools-to-target-iran-s-enemies