Once upon a time, the battle between malware writers and antimalware (AM) protection writers was all about doing business in volume. In the old days of the untargeted attack, if the victim had antimalware protection, then the attack would fail and the attacker would move on to find another victim. The main objective was to create a botnet, so it didn't really matter which computers they compromised. Defenders responded with systems that blacklisted the machines running those botnets – in effect, building a virtual prison to contain the known or obviously malicious wrongdoers.
Advanced Persistent Threat (APT) attacks, however, are precisely targeted. To maximize their success, attackers have adopted a version of the same Quality Assurance (QA) processes familiar to most engineers
more here.......http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Advanced-Persistent-Threats-and-the-rise-of-the-app-stores/ba-p/6441462#.U0SXBah5PZ0