UPDATE (Dec. 8, 2017): We now attribute this campaign to APT34, a suspected Iranian cyber espionage threat group that we believe has been active since at least 2014. Learn more about APT34 and their late 2017 targeting of a government organization in the Middle East. Introduction In the first week of May 2016, FireEye’s DTI identified a wave of emails containing malicious attachments being sent to
![Targeted Attacks against Banks in the Middle East | FireEye Inc](https://cdn-ak-scissors.b.st-hatena.com/image/square/224498429cf024732b6edde0acd368c885fdd19a/height=288;version=1;width=512/https%3A%2F%2Fwww.fireeye.com%2Fcontent%2Fdam%2Ffireeye-www%2Ffw%2Fimages%2Ffireeye-2-color-square.png)