Iranian-linked threat actor APT34 has been spotted in a malware campaign targeting U.S. federal agencies. The company at the center of the campaign is Westat, a professional services company that provides research services to U.S. state and local governments. Researchers at Intezer uncovered the campaign after detecting a malicious file in January purporting to be an employee satisfaction survey for Westat employees and customers. The downloaded executable is actually a new version of TONEDEAF, a custom backdoor commonly used by APT34.
Source: https://threatpost.com/iran-hackers-us-gov-malware/152452/

