In February 2012 activists in Iran and Syria were targeted with two different types of malicious computer software. The software looks like two harmless files; a Microsoft PowerPoint slide show and an image file. The malicious software will silently install itself on your computer when you open one of the files. The keylogger and the backdoor will transfer data to a server at a government-owned telecommunications company in Syria, but was later updated to point to a Linode server in London, UK. The EFF wrote a blog post called How to Find and Protect Yourself Against the Pro-Syrian-Government Malware on Your Computer.”]
Source: https://blog.torproject.org/activists-iran-and-syria-targeted-malicious-computer-software