A detailed analysis of code and data from a command-and-control server responsible for the management of the operations, tools and tradecraft behind the Operation Sharpshooter campaign has revealed evidence that this global cyber espionage campaign is more extensive in complexity, scope and duration of operations. The analysis led to identification of multiple previously unknown command-and-control centers, and suggest that Sharpshooter began as early as September 2017, targeted a broader set of organizations, in more industries and countries and is currently ongoing.
Source: Help Net Security