Researchers at ESET analyzed the Dino malware confirming that the sophisticated espionage platform belongs to the arsenal of the Animal Farm APT. The name Babar is reported in one of the documents leaked by Snowden, the secret slides produced by the Canadian intelligence agency linked Babar to the French Government. Babar was used to spy on several Iranian nuclear research institutes and universities, but it was used also to monitor activities of European financial institutions. Experts highlighted that the developers of these malware families are French speakers. NBot, Tafacalou (TFC / Transporter) and Dino are other malicious code used.”]
Source: https://securityaffairs.co/wordpress/38204/cyber-crime/dino-malware-animal-farm.html