Multiyear campaigns stretching back to at least 2014 have been seen using zero-days in region-specific software. The targets of the attacks are generally Japanese government agencies and vertical organizations, including education organizations. APT17 and Bronze Butler threat groups have carried out ongoing campaigns that use the same techniques, swapping out exploits as new exploits are developed. The most recent malicious activity seen in April 2019 was the latest malicious activity from an APT group seen in Japan. Researchers: APT groups are actively targeting niche attack surfaces in hopes of flying under the radar.
Source: https://threatpost.com/virus-bulletin-japanese-attacks-apt-strategygy/148859/