NetTraveler

da ZDnet:

A group of security researchers have uncovered the presence of NetTraveler in a cyberespionage campaign that has successfully infiltrated high-profile targets worldwide.

Security experts at Kaspersky Lab have been keeping tabs on the campaign over the past few years. In a blog post Tuesday published by the antivirus provider, security researchers said that over 350 high profile victims in 40 countries have been affected by the NetTraveler tool -- a program used for subtle computer surveillance.

"NetTraveler" is named as such due to an internal string which was present in early versions. The earliest references towards the malicious program stem from 2004, although the largest number of samples found were created between 2010 and 2013.

Targets of the program include activist in Tibet and Uyghur, oil industry companies, scientific research centers and institutes, universities, private companies, governments and governmental institutions, embassies and military contractors. Most recently, NetTraveler has been used in attacks focused on cyberespionage campaigns around space exploration, nanotechnology, energy production, nuclear power, lasers, medicine and communications.

(...)

"Based on collected intelligence, we estimate the group size to about 50 individuals, most of which speak Chinese natively and have working knowledge of the English language NetTraveler is designed to steal sensitive data as well as log keystrokes, and retrieve file system listings and various Office or PDF documents."