NetTraveler Is Back: The ‘Red Star’ APT Returns With New Tricks
NetTraveler, which we described in depth in a previous post, is an APT that infected hundreds of high profile victims in more than 40 countries. Known targets of NetTraveler (also known as ‘Travnet’ or “Netfile”) include Tibetan/Uyghur activists, oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies and military contractors.
During the last week, several spear-phishing e-mails were sent to multiple Uyghur activists. Here’s an example: