Made in China; State Sponsored Attack Targeting Shipping and Logistics Industry Worldwide
SAN MATEO, CA--(Marketwired - Jul 10, 2014) - TrapX, provider of the fastest growing sensor-based HoneyGrid™ in the world, announced the discovery of a highly sophisticated, polymorphic advanced persistent malware dubbed "Zombie Zero" targeting the shipping and logistics industry across the globe. Weaponized malware was delivered into shipping and logistics enterprise environments from a Chinese manufacturer responsible for selling proprietary hardware for terminal scanners used to inventory items being shipped or transported in and out many countries. The malware was delivered through the Windows embedded XP operating system installed on the hardware at the manufacturer's location in China and could also be downloaded from the Chinese manufacturer's support website. A variant of this malware was also sold and delivered with the same hardware product to a large manufacturing company as well as to seven other identified customers of this hardware product worldwide.
Description of Zombie Zero Behavior and Attack
"The problem with legacy security technologies is that they are not able to adapt to defend against emerging threats in real-time," said David Monahan, Research Director at Enterprise Management Associates. "Today's threat actors are smarter than ever morphing their attacks multiple times to achieve the goal of undermining existing security defenses. The next generation of security solutions must be just as adaptable to counter these modern threats."
"Security futurists have long favored honeypots as a way to actively defend the network. The challenge with honeypots is that they've largely required manual deployment. They've been difficult to scale across the network, particularly in rapid response to current attacks," said Yaniv Alfi, cofounder and CEO. "TrapX has taken the honeypot idea to the next level. We provide a virtualized honeygrid platform that not only emulates hundreds of services across the network -- our software also senses hostile scans and spins up targeted honeypots where they're needed most in order to identify cybercriminal, insider, or nation-state activity."
TrapX, formally known as CyberSense, conducts powerful real-time analytics and threat intelligence to support Adaptive Defense of the network while providing full incident lifecycle management -- detection, remediation and prosecution. The TrapX 360 platform is designed to detect and interdict lateral movement within networks and keep attackers from establishing footholds in the network nerve center.
To view the full anatomy of the attack, please access it here.
For more on TrapX, visit their website at www.trapx.com
Visit our blog: http://www.trapx.com/blog/
Follow us on Twitter: @trapxsecurity
Follow us on LinkedIn: https://www.linkedin.com/company/trapx
Like us on Facebook: https://www.facebook.com/pages/TrapX/258804147648401
About TrapX
TrapX has invented a purpose-built, virtual appliance-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. The TrapX360 Platform provides real-time, adaptive threat protection by leveraging our patented HoneyGrid™ malware trap and DPI technology. TrapX360 traps zero-day malware in its virtualized sensor network or HoneyGrid™ and next-generation malware traps before the malware can inflict significant damage to customers' data centers or cloud deployments. Combined with fully automated advanced forensic capability and a threat intelligence fusion center, TrapX provides the most comprehensive context sensitive alerting and reporting in the market.
Contact Information:
Media Contact:
Angel Rodriguez
Trainer Communications
925-271-8212
arodriguez@trainercomm.com