"NetTraveler is Running!" - Red Star APT attacks compromise high-profile victims

From Botnets.fr
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

(Publication) Google search: [1]

"NetTraveler is Running!" - Red Star APT attacks compromise high-profile victims
Botnet NetTraveler
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign Red Star
Operation/Working group
Vulnerability
CCProtocol
Date 2013 / 2013-06-04
Editor/Conference Kaspersky lab
Link http://securelist.com/blog/research/35936/nettraveler-is-running-red-star-apt-attacks-compromise-high-profile-victims/ (Archive copy)
Author GReAT
Type Blogpost

Abstract

Over the last few years, we have been monitoring a cyber-espionage campaign that has successfully compromised more than 350 high profile victims in 40 countries. The main tool used by the threat actors during these attacks is NetTraveler, a malicious program used for covert computer surveillance.

The name NetTraveler comes from an internal string which is present in early versions of the malware: NetTraveler Is Running! This malware is used by APT actors for basic surveillance of their victims. Earliest known samples have a timestamp of 2005, although references exist indicating activity as early as 2004. The largest number of samples we observed were created between 2010 and 2013.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1409,
   editor = {Kaspersky lab},
   author = {GReAT},
   title = {"NetTraveler is Running!" - Red Star APT attacks compromise high-profile victims},
   date = {04},
   month = Jun,
   year = {2013},
   howpublished = {\url{http://securelist.com/blog/research/35936/nettraveler-is-running-red-star-apt-attacks-compromise-high-profile-victims/}},
 }

Retrieved from "https://www.botnets.fr/index.php?title=%22NetTraveler_is_Running!%22_-_Red_Star_APT_attacks_compromise_high-profile_victims&oldid=5086"