Advanced Persistent Threat (APT) Group: TEMP.Zagros / MuddyWater
Status: Possibly Inactive*

Attack Vectors: spear phishing, backdoor trojans ("POWERSTATS"), spoofing, macros, and PowerShell-based code execution.
Targets: government organizations in Asia and the Middle East (primarily Turkey, Pakistan, Tajikistan, and India)
Mitigation Techniques: disable PowerShell and VBA/VBS scripting where possible; use a stronger application-control solution than AppLocker.
First noticed: February-October 2017; January-March 2018
Last Update: March 2018
Other Notes: *There is no known evidence past March 2018 indicating whether this group is still active.
Resources: Security Affairs - ThreatPost
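The attack vectors above (macros leading to PowerShell-based code execution) describe a parent/child process chain that endpoint telemetry makes visible, and the mitigation line assumes PowerShell cannot always be disabled outright. The following is an added detection example, not code from the page or from any vendor reporting on this group: it walks a handful of constructed process-creation events (using the Sysmon Event ID 1 field names ParentImage, Image and CommandLine) and flags an Office application spawning a script host, enriched with the common PowerShell evasion switches (encoded command, hidden window, no profile, execution-policy bypass). The sample events, the base64 placeholder and the flag names are all constructed for the example.

```python
import re

# Constructed Sysmon-style process-creation events; not real telemetry from any incident.
SAMPLE_EVENTS = [
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     # "QQBBAEEA" is a constructed placeholder (UTF-16LE "AAA"), not a real payload.
     "CommandLine": "powershell.exe -NoP -W Hidden -Exec Bypass -EncodedCommand QQBBAEEA"},
    {"ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -File C:\\Scripts\\backup.ps1"},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c powershell -w hidden -nop -c \"Write-Output test\""},
    {"ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": r"C:\Windows\splwow64.exe",
     "CommandLine": "splwow64.exe 12288"},
]

# Office applications that should not normally launch script interpreters.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# Script hosts commonly reached from a macro.
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

# PowerShell accepts unambiguous parameter prefixes, so each pattern tolerates
# the abbreviated forms (-e / -enc / -EncodedCommand, -w / -WindowStyle, ...).
SUSPICIOUS_FLAGS = {
    "encoded-command": re.compile(r"(?i)(?:^|\s)-e(?:c|nc[a-z]*)?(?=\s|$)"),
    "hidden-window": re.compile(r"(?i)(?:^|\s)-w(?:in[a-z]*)?\s+hidden\b"),
    "no-profile": re.compile(r"(?i)(?:^|\s)-nop[a-z]*(?=\s|$)"),
    "execution-policy-bypass": re.compile(r"(?i)(?:^|\s)-ex[a-z]*\s+bypass\b"),
}


def basename(path):
    """Return the lower-cased file name of a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def suspicious_flags(command_line):
    """Names of the evasion-style switches present in a command line, sorted."""
    return sorted(name for name, rx in SUSPICIOUS_FLAGS.items() if rx.search(command_line))


def analyze(events):
    """Flag Office-parent -> script-host chains; attach any suspicious switches seen."""
    findings = []
    for index, event in enumerate(events):
        parent = basename(event["ParentImage"])
        child = basename(event["Image"])
        if parent in OFFICE_PARENTS and child in SCRIPT_HOSTS:
            findings.append({
                "index": index,
                "parent": parent,
                "child": child,
                "flags": suspicious_flags(event["CommandLine"]),
            })
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_EVENTS):
        print(f"event {finding['index']}: {finding['parent']} -> {finding['child']} "
              f"flags={finding['flags'] or 'none'}")
```

The chain check alone (Office parent, script-host child) is the high-value signal; the switch matching only ranks findings, since a plain `powershell -File` launched from Explorer (event 1) is routine and is deliberately not reported. In production the same logic sits naturally as a query over Sysmon or EDR process events rather than over an in-memory list.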