A new version of NetTraveler has been spotted, this one using Java exploits and a watering hole attack to spy on and steal from diplomats, manufacturers, scientists and military contractors. The first version of the malware targeted Microsoft Office vulnerabilities, but has expanded beyond spear phishing to watering hole attacks. The latest version of malware has zeroed in on Tibetan and Uyghur activists in addition to a number of manufacturing, research and even military targets. To date, the malware has infected victims in more than 40 countries, Kaspersky Lab says.
Source: https://threatpost.com/nettraveler-variant-adds-java-exploits-watering-hole-attacks-to-bag-of-tricks/102156/