Cyber espionage group CopyKittens has been active since at least 2013 and has targeted organisations and individuals, including diplomats and researchers, in Israel, Saudi Arabia, Turkey, the United States, Jordan and Germany. The group makes use of its own custom malware tools in combination with existing, commercial tools, like Red Team software Cobalt Strike, Metasploit, post-exploitation agent Empire, TDTESS backdoor, and credential dumping tool Mimikatz. Group uses a combination of these methods to persistently target the same victim over multiple platforms until they succeed in establishing an initial beachhead of infection.
Source: https://thehackernews.com/2017/07/opykittens-cyber-espionage.html