Java-based malware has been used to exploit at least three US-based organizations. Researchers traced a malicious Java archive (a.k.a. JAR) file to eight infected systems inside three U.S. organizations. The attacks have been tied to the Icefog APT attack campaign, which historically has used Windows Preinstallation Environment files to infect targets. Kaspersky Lab said that modus operandi suggested that the attackers were a “cybermercenary group” intent on stealing only designated bits of information.”]
Source: https://www.darkreading.com/attacks-breaches/java-icefog-malware-variant-infects-us-businesses