This report provides an overview of the NeTTraveler cyber-espionage campaign, which has compromised over 350 high-profile victims in 40 countries. The main tool used by the threat actors is the NeTTraveler malware, which is identified by the internal string "net traveler is running!". The earliest known samples were created in 2005, and the largest number of samples were observed between 2010 and 2013. Known targets of NeTTraveler include Tibetan/uyghur activists, oil industry companies, scientific research centers and institutes, universities, private companies, governments and government institutions, embassies, and military contractors. The NeTTraveler backdoor is often used in conjunction with other malware families, and the attackers deploy different backdoors to the victims' machines, including the malware known as "saker" or "xbox".