NetTraveler is a harmful malware that can infect computers and steal personal information. The malware is usually spread through suspicious downloads, emails, or websites, without the user's knowledge. It can disrupt operations, hold data hostage, and damage computer systems.
NetTraveler shares similar tactics, techniques, and procedures (TTPs) with ZeroT infrastructure. Both malware families have been continuously sharing the same command-and-control (C&C) domains. As an example, SHA256: 0d6d789d603d6d9ba68131592fd595c4d82c0288be309876d27a53466158b312 was used by many NetTraveler samples from October 2016 to January 2017.
In previous years, a China-based attack group used PlugX and NetTraveler Trojans for espionage in Europe, Russia, Mongolia, Belarus, and other neighboring countries. This activity has been documented and reported on in the past.
Description last updated: 2023-06-23T20:10:37.026Z