The twisted family tree of the Transponder Gang

Joe Telafici McAfee AVERT
Seth Purdy McAfee AVERT

ABetterInternet. Shopnav. TopMoxie. Ebates. Searchcentrix. TwainTech. MX-Targeting. IPInsight. Dashbar. ZServ. Vx2. All of the aforementioned pieces of adware and spyware may be the result of one large, distributed, and loosely connected organization often referred to as ‘the Transponder Gang’. A group of companies that are often little more than a domain name and skeleton website, but which may all be related in a way that makes the Corleone family tree look straightforward. These components have remarkably evolved self-updating technology, a host of domain names, and a degree of cooperation in the collection and distribution of data that is impossible to imagine amongst independent organizations.

In this session we'll delve into the many variants, parent companies, and convoluted behaviour of this inbred family of potentially unwanted programs, that, by itself, may be responsible for a significant share of the spyware/adware specimens and infestations currently out there. We'll discuss possible approaches to staying on top of this well-organized and funded consortium.

VB Conferences

VB2011 (Barcelona)

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)

‘An excellent conference. The schedule ran very precisely and the flow of the conference was very good.’

Poll

Do you use the same password(s) across multiple websites?

Leave a comment
View 4 comments

VB2010

VB2010 will take place 29 September-1 October 2009 at the Westin Bayshore, Vancouver, BC, Canada. Early bird discount available until 15th June 2010.

Virus Bulletin currently has 190,364 registered users.

Fighting malware and spam