US Cyber Command (US CyberCom) issued a malware alert on Twitter regarding the active exploitation of the CVE-2017-11774 Outlook vulnerability to attack US government agencies. US CyberCom did not mention the threat actor behind the ongoing attacks. APT33 (also known as Elfin) is an Iranian-backed cyber-espionage group with operations going as far as 2013 targeting organizations from multiple industries in the United States, Saudi Arabia, and South Korea (e.g., government, research, finance, and engineering), with a focus on energy and aviation entities.
Source: https://www.bleepingcomputer.com/news/security/outlook-flaw-exploited-by-iranian-apt33-us-cybercom-issues-alert/