A group of security researchers have discovered the presence of NetTraveler in a cyberespionage campaign which successfully infiltrated high-profile targets throughout the world.
Security experts at Kaspersky Lab have to keep track of the campaign over the last few years. In a blog post Tuesday said published by the provider for antivirus, security researchers to over 350 high profile victims in 40 countries have been affected by the NetTraveler--a program used for subtle computer monitoring.
"NetTraveler" is named as such because of an internal string that was present in early versions. The earliest references to the harmful program derived from 2004, although the largest number of specimens found were created between 2010 and 2013.
The objectives of the program include activist in Tibet and Uighur, oil industrial enterprises, scientific research centers and institutes, universities, private companies, Governments and State institutions, embassies and military contractors. NetTraveler has recently been used in attacks that focused on cyberespionage campaigning around space exploration, nanotechnology, energy production, nuclear power, lasers, medicine and communication. The victim's profiles are shown below:
The highest rates of infection were registered in Mongolia, followed by India and Russia. However, NetTraveler was detected in 40 countries worldwide, including China, South Korea, Spain, Germany, United States, United Kingdom, Chile, Australia and Hong Kong S.A.R..
Six of the victims were also the subject of Red October. The campaign Flame-like was spying on diplomats and Governments all over the world, gathering information and intelligence from "mobile devices, computer systems and network equipment" and is still active. In the same way as NetTraveler sent the malicious code via spear phishing emails.
The researchers commented:
"Based on intelligence gathered, we estimate group size to about 50 people, most of whom speak Chinese native and has a good knowledge of English NetTraveler is designed to steal sensitive information, log keystrokes, and download the file system lists and various Office or PDF documents.
For a more in-depth look at NetTraveler there is a full report here (pdf).