This suspected nation-state actor was active from 2008 to 2012. This group used zero-day exploits and spear-phishing emails to infect victims for cyber-espionage purposes. The victims represented thirteen different countries across three continents; one notable target was Iran’s nuclear program.