|
gptkbp:instanceOf
|
cyber espionage campaign
|
|
gptkbp:activeYearsStart
|
2004
|
|
gptkbp:alsoKnownAs
|
gptkb:Netfile
gptkb:Red_Star_APT
Travnet
|
|
gptkbp:associatedWith
|
gptkb:Chinese-speaking_threat_actors
|
|
gptkbp:commanded
|
servers located in multiple countries
|
|
gptkbp:dataCompromised
|
documents
files
passwords
browser history
system information
clipboard data
keystrokes
screenshot captures
|
|
gptkbp:discoveredBy
|
gptkb:Kaspersky_Lab
|
|
gptkbp:exploitedVulnerabilities
|
gptkb:CVE-2009-3129
gptkb:CVE-2010-3333
gptkb:CVE-2012-0158
gptkb:CVE-2012-1856
|
|
gptkbp:firstReported
|
2013
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
NetTraveler
|
|
gptkbp:language
|
gptkb:Chinese
|
|
gptkbp:majorCity
|
gptkb:China
gptkb:Germany
gptkb:India
gptkb:Kazakhstan
gptkb:Kyrgyzstan
gptkb:Mongolia
gptkb:Russia
gptkb:South_Korea
gptkb:Tajikistan
gptkb:United_Kingdom
gptkb:United_States
|
|
gptkbp:notableFor
|
long-term cyber espionage
|
|
gptkbp:target
|
gptkb:energy
activists
research institutions
military organizations
government institutions
diplomatic organizations
space exploration organizations
|
|
gptkbp:usesMalware
|
Remote Access Trojan
information stealer
|
|
gptkbp:vectorFor
|
malicious attachments
spear phishing emails
exploits for Microsoft Office vulnerabilities
|
|
gptkbp:victim
|
over 350 high-profile victims
|
|
gptkbp:bfsParent
|
gptkb:Sednit
|
|
gptkbp:bfsLayer
|
6
|