Experts at F-Secure discovered a link between the crew operating a rogue Tor node used to spread OnionDuke malware and MiniDuke APT. The code also contained references to Dante Alighieris Divine Comedy and alluded to 666, the mark of the beast discussed in the biblical Book of Revelation. The level of sophistication and the nature of the attacks suggest that the attacks are part of a state-sponsored espionage campaign, the experts say. Experts identified different sample of the. malware and multiple other components of the Onion. malware family, which were designed to execute specific tasks like the data stealing.”]
Source: https://securityaffairs.co/wordpress/30239/cyber-crime/onionduke-apt-gang.html