Security researchers published technical details about malware used by a new threat actor that matches a signature in a scanner likely built by the U.S. National Security Agency. The new threat received the name DarkUniverse and was active for at least eight years, between 2009 and 2017. It was identified last year, but the NSA knew about it long before. About 20 victims from civilian and military organizations are from Syria, Iran, Sudan, Russia, Tanzania, Belarus, Belarus and the United Arab Emirates.
Source: https://www.bleepingcomputer.com/news/security/darkuniverse-apt-stayed-hidden-for-8-years-updated-regularly/