An Advanced Persistent Threat (APT) called NetTraveler has been spotted making mischief again, but it appears to have learned a few new tricks since it was last spotted in June.
The malware is now attacking a known Java vulnerability, CVE-2013-2465, and added water holing to its propagation strategy, according to new research from Kaspersky Lab.
Kaspersky sounded the alarm about NetTraveler, also known as Travnet and Netfile, in June, when it reported the backdoor software was spearheading a cyber espionage campaign that had been running for eight years.
The campaign targeted more than 350 high-profile victims from more than 40 countries, including political activists, research centers, governmental institutions, embassies, military contractors and private companies from various industries. Read more.