Researchers from the Unit42 at Palo Alto Networks observed Iran-Linked OilRig APT group targeting high-ranking office in a Middle Eastern nation. The hackers used spear-phishing emails to deliver an updated version of the BondUpdater Trojan. The BONDUPDATER Trojan supports implements common backdoor features such as uploading and downloading files, as well as executing commands on the infected system. OilRig is continuing their onslaught of attacks well into 2018 with continued targeting in the Middle East”]
Source: https://securityaffairs.co/wordpress/76187/hacking/oilrig-apt-campaign.html