A naukri.com initiative
Infoblox
2w
321
Image Credit: Infoblox
Vexing and Vicious: The Eerie Relationship between WordPress Hackers and an Adtech Cabal
- An observational study perturbing VexTrio led to revelations of shared traffic distribution systems (TDS) and software elements with commercial adtech firms, benefiting from malware relationships.
- Los Pollos, exposed as part of VexTrio, halted push link monetization, leading to compromised websites updating to a new TDS named Help TDS.
- DNS TXT record campaigns revealed two distinct sets of C2 servers redirecting to VexTrio and Help TDS following Los Pollos' announcement.
- Help TDS's relationship with VexTrio was uncovered to be longstanding, with other TDSs like Partners House and BroPush sharing common characteristics.
- Malware operators' use of commercial adtech firms could expose their identities through affiliate networks, potentially leading to their downfall.
- The article delves into TDS behaviors, DNS connections, and affiliates' interactions, uncovering the complexities of the malicious adtech ecosystem.
- Detailed analysis of rare artifacts, codebases, and lures shared among TDSs highlights the interconnected nature of the malicious adtech landscape.
- Affiliate networks such as VexTrio, Partners House, and BroPush utilize deceptive tactics for push advertising, potentially exploiting victims worldwide.
- The article shines a light on the intricate web linking malicious TDS operators, affiliate networks, and website hackers, revealing patterns and shared resources.
Read Full Article
19 Likes
For uninterrupted reading, download the app