NetTraveler is back: the 'Red Star' APT returns with new tricks

From Botnets.fr
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

NetTraveler is back: the 'Red Star' APT returns with new tricks
Botnet NetTraveler
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign Red Star
Operation/Working group
Vulnerability
CCProtocol
Date 2013 / 2013-09-03
Editor/Conference Kaspersky lab
Link http://securelist.com/blog/incidents/57455/nettraveler-is-back-the-red-star-apt-returns-with-new-tricks/ (Archive copy)
Author Costin Raiu
Type Blogpost

Abstract

NetTraveler, which we described in depth in a previous post, is an APT that infected hundreds of high profile victims in more than 40 countries. Known targets of NetTraveler (also known as 'Travnet' or "Netfile") include Tibetan/Uyghur activists, oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies and military contractors.

During the last week, several spear-phishing e-mails were sent to multiple Uyghur activists.

Bibtex

 @misc{Raiu2013BFR1410,
   editor = {Kaspersky lab},
   author = {Costin Raiu},
   title = {NetTraveler is back: the 'Red Star' APT returns with new tricks},
   date = {03},
   month = Sep,
   year = {2013},
   howpublished = {\url{http://securelist.com/blog/incidents/57455/nettraveler-is-back-the-red-star-apt-returns-with-new-tricks/}},
 }