The twisted family tree of the Transponder Gang

Joe Telafici McAfee AVERT
Seth Purdy McAfee AVERT

  download slides (PDF)

ABetterInternet. Shopnav. TopMoxie. Ebates. Searchcentrix. TwainTech. MX-Targeting. IPInsight. Dashbar. ZServ. Vx2. All of the aforementioned pieces of adware and spyware may be the result of one large, distributed, and loosely connected organization often referred to as ‘the Transponder Gang’. A group of companies that are often little more than a domain name and skeleton website, but which may all be related in a way that makes the Corleone family tree look straightforward. These components have remarkably evolved self-updating technology, a host of domain names, and a degree of cooperation in the collection and distribution of data that is impossible to imagine amongst independent organizations.

In this session we'll delve into the many variants, parent companies, and convoluted behaviour of this inbred family of potentially unwanted programs, that, by itself, may be responsible for a significant share of the spyware/adware specimens and infestations currently out there. We'll discuss possible approaches to staying on top of this well-organized and funded consortium.



twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.