NetTraveler is malware that has been used in multiple cyber espionage campaigns for basic surveillance of victims. The earliest known samples have timestamps back to 2005, and the largest number of observed samples were created between 2010 and 2013. [1]
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1010 | Application Window Discovery |
NetTraveler reports window names along with keylogger information to provide application context.[1] |
|
Enterprise | T1056 | .001 | Input Capture: Keylogging |
NetTraveler contains a keylogger.[1] |