TMCnet News

root9B Releases Technical Analysis on Active Malware Campaign After Briefing Law Enforcement
[June 22, 2017]

root9B Releases Technical Analysis on Active Malware Campaign After Briefing Law Enforcement


COLORADO SPRINGS, Colo., June 22, 2017 /PRNewswire/ -- root9B, a root9B Holdings Inc. (NASDAQ: RTNB) company, and leading provider of advanced cybersecurity products, services, and training, has released an in-depth technical analysis report on a newly identified active campaign targeting point-of-sale systems. The report provides technical details of the adversary's techniques and malware and also provides defenders with information to support detection and mitigation activities.

As of the close of business Monday, root9B had briefed Law Enforcement agencies in the United States, United Kingdom and Canada about its findings, and provided a detailed analysis of the malware and the ongoing campaign.  The company has discovered an advanced, targeted adversary campaign focused on harvesting payment card information from POS systems. The report identifies active and operational Command and Control (C2) servers and memory-resident techniques used to maintain persistence and avoid detection. root9B's report uncovers the Tactics, Techniques and Procedures (TTPs) utilized and describes them in a detailed analysis. Details, excerpted from the Law Enforcement report, can be found here: https://www.root9b.com/newsroom/shelltea-poslurp-malware.

"This malware displays the characteristics we would expect to see from an advanced, well resourced, and focused adversary," said Mike Morris, root9B Chief Technology Officer. "Memory-resident, or fileless malware, is very difficult to detect using traditional passive security solutions and highlights the benefits of active HUNT operations."

"The findings are significant and consistent with the work the team at root9B had done while serving our country as members of our defense and intelligence agencies," said General Michael Hayden, a member of the root9B Advisory Board and former Director of the CIA and NSA. "Identifying threats while in progress, as opposed to post-breach analysis, is where the information security industry has to be."

"Since we made the information public, the response has been very positive from a number of commercial organizations requesting additional data," said Eric Hipkins, root9B Chief Executive Officer. "Sharing information among defenders is vital as we defend our nation's networks."

root9B will host a webinar to review and discuss the technical details behind the malware analysis released in the report and answer any questions. The Webinar will take place on Monday, June 26, 2017, at 2pm CDT.  To attend this webinar, please register at the following link:

https://attendee.gotowebinar.com/register/7551481427424407811

To join the industry conversation, use #ShellTea and #PoSlurp.

About root9B
Ranked as the #1 Cybersecurity Company for 2016 by Cybersecurity Ventures, root9B stands in defiance of the unwanted human presence within its clients' networks by attacking the root of the problem—the adversary's ability to gain entry and remain undetected. root9B's application of advanced technology developed through cutting-edge R&D and engineering and refined through relevant, hands-on training is revolutionary. root9B combines next generation technology, tactics development, specialty tools, and deep mission experience. root9B personnel leverage their extensive backgrounds in the U.S. Intelligence Community to conduct advanced vulnerability analysis, penetration testing, digital forensics, incident response, Industrial Control System (ICS) security, and HUNT (Active Adversary Pursuit) engagements on networks worldwide. For more information, visit www.root9B.com.

About root9B Holdings, Inc.
root9B Holdings is a leading provider of Cybersecurity Services for clients ranging from Fortune 100 companies to mid-sized and owner-managed businesses across industries, as well as local, state and federal government agencies. For more information, visit www.root9bholdings.com

Forward Looking Statements
Certain statements contained in this press release may include forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995.  These statements are based on the Company's current expectations or beliefs and are subject to uncertainty and changes in circumstances. Actual results may vary materially from those expressed or implied by the statements herein due to changes in economic, business, competitive and/or regulatory factors, and other risks and uncertainties affecting the operation of the Company's business. These risks, uncertainties and contingencies are indicated from time to time in the Company's filings with the Securities and Exchange Commission. The information set forth herein should be read in light of such risks. Further, investors should keep in mind that the Company's financial results in any particular period may not be indicative of future results.  The Company is under no obligation to, and expressly disclaims any obligation to, update or alter its forward-looking statements, whether as a result of new information, future events, changes in assumptions or otherwise.





Media Contact: 

Investors:       

Andrew Hoffman 

Devin Sullivan

Zito Partners 

The Equity Group Inc.

908-546-7447 

212-836-9608

[email protected]  

[email protected]


To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/root9b-releases-technical-analysis-on-active-malware-campaign-after-briefing-law-enforcement-300478332.html

SOURCE root9B


[ Back To TMCnet.com's Homepage ]