In this article about cyber spies, Context's Kevin O'Reilly tells the author of this BBC story all about nation-state malware, in particular the PlugX malware which was first discovered in mid-2012 and has since been altered and used many times.
Context is one of a few firms that have investigated breaches brought about with PlugX and it has used network forensics to replay where the attackers went and what they did.
You can read the BBC story here: http://www.bbc.co.uk/news/technology-34474879