Antivirus Protection & Internet Security Software
04 Jun 2013Virus News
Malicious NetTraveler Toolkit Infects 350 High-Profile Victims for Data Theft and Surveillance
Today Kaspersky Lab’s team of experts published a new research report about NetTraveler, which is a family of malicious programs used by APT actors to successfully compromise more than 350 high-profile victims in 40 countries. The NetTraveler group has infected victims across multiple establishments in both the public and private sector including government institutions, embassies, the oil and gas industry, research centers, military contractors and activists.
According to Kaspersky Lab’s report, this threat actor has been active since as early as 2004; however, the highest volume of activity occurred from 2010 – 2013. Most recently, the NetTraveler group’s main domains of interest for cyberespionage activities include space exploration, nanotechnology, energy production, nuclear power, lasers, medicine and communications.
To read Kaspersky Lab’s full research analysis, including indicators of compromise, remediation techniques and details of NetTraveler and its malicious components, please visit Securelist.
Kaspersky Lab’s products detect and neutralize the malicious programs and its variants used by the NetTraveler Toolkit, including Trojan-Spy.Win32.TravNet and Downloader.Win32.NetTraveler. Kaspersky Lab’s products detect the Microsoft Office exploits used in the spear-phishing attacks, including Exploit.MSWord.CVE-2010-333, Exploit.Win32.CVE-2012-0158.
© 1997 – 2016 Kaspersky Lab
All Rights Reserved. Industry-leading Antivirus Software