Difference between revisions of "NetTraveler is back: the 'Red Star' APT returns with new tricks"

From Botnets.fr
Jump to navigation Jump to search
m (Text replacement - " securelist.com" to "")
m (Text replacement - "Campaign1=" to "Campaign=")
 
Line 18: Line 18:
|OffensiveTool=
|OffensiveTool=
|ExploitKit=,  
|ExploitKit=,  
|Campaign1=Red Star
|Campaign=Red Star
|Campaign2=
|Campaign2=
|Campaign3=
|Campaign3=

Latest revision as of 21:31, 31 July 2015

(Publication) Google search: [1]

NetTraveler is back: the 'Red Star' APT returns with new tricks
Botnet NetTraveler
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign Red Star
Operation/Working group
Vulnerability
CCProtocol
Date 2013 / 2013-09-03
Editor/Conference Kaspersky lab
Link http://securelist.com/blog/incidents/57455/nettraveler-is-back-the-red-star-apt-returns-with-new-tricks/ (Archive copy)
Author Costin Raiu
Type Blogpost

Abstract

NetTraveler, which we described in depth in a previous post, is an APT that infected hundreds of high profile victims in more than 40 countries. Known targets of NetTraveler (also known as 'Travnet' or "Netfile") include Tibetan/Uyghur activists, oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies and military contractors.

During the last week, several spear-phishing e-mails were sent to multiple Uyghur activists.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1410,
   editor = {Kaspersky lab},
   author = {Costin Raiu},
   title = {NetTraveler is back: the 'Red Star' APT returns with new tricks},
   date = {03},
   month = Sep,
   year = {2013},
   howpublished = {\url{http://securelist.com/blog/incidents/57455/nettraveler-is-back-the-red-star-apt-returns-with-new-tricks/}},
 }