The twisted family tree of the Transponder Gang presented at Virus Bulletin 2005

by Joe Telafici (Mcafee avert),


Summary : "
ABetterInternet. Shopnav. TopMoxie. Ebates. Searchcentrix. TwainTech. MX-Targeting. IPInsight. Dashbar. ZServ. Vx2. All of the aforementioned pieces of adware and spyware may be the result of one large, distributed, and loosely connected organization often referred to as ‘the Transponder Gang’. A group of companies that are often little more than a domain name and skeleton website, but which may all be related in a way that makes the Corleone family tree look straightforward. These components have remarkably evolved self-updating technology, a host of domain names, and a degree of cooperation in the collection and distribution of data that is impossible to imagine amongst independent organizations.
In this session we'll delve into the many variants, parent companies, and convoluted behaviour of this inbred family of potentially unwanted programs, that, by itself, may be responsible for a significant share of the spyware/adware specimens and infestations currently out there. We'll discuss possible approaches to staying on top of this well-organized and funded consortium.