The twisted family tree of the Transponder Gang

Joe Telafici McAfee AVERT
Seth Purdy McAfee AVERT

ABetterInternet. Shopnav. TopMoxie. Ebates. Searchcentrix. TwainTech. MX-Targeting. IPInsight. Dashbar. ZServ. Vx2. All of the aforementioned pieces of adware and spyware may be the result of one large, distributed, and loosely connected organization often referred to as ‘the Transponder Gang’. A group of companies that are often little more than a domain name and skeleton website, but which may all be related in a way that makes the Corleone family tree look straightforward. These components have remarkably evolved self-updating technology, a host of domain names, and a degree of cooperation in the collection and distribution of data that is impossible to imagine amongst independent organizations.

In this session we'll delve into the many variants, parent companies, and convoluted behaviour of this inbred family of potentially unwanted programs, that, by itself, may be responsible for a significant share of the spyware/adware specimens and infestations currently out there. We'll discuss possible approaches to staying on top of this well-organized and funded consortium.

VB Conferences

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)

‘The material presented is so interesting that it would be worth attending VB just to get my hands on the proceedings. I especially enjoyed the last-minute presentations.’

Poll

Who in your company is responsible for installing software patches?

Leave a comment

Malware Prevalence

Agent
Mytob
Invoice
NetSky
Suspect packers

View this month's full report

Virus Bulletin currently has 148,287 registered users.

Fighting malware and spam