Uncovered investigation reveals a hazardous adtech network, with ties to cybercriminals starting to surface
In a recent report by Infoblox Threat Intel, the AdTech holding company Vane Viper has been unmasked as a malicious network operating within the digital marketing sector. This malicious network, which is the parent company of the banned ad network PropellerAds, has been linked to various cyber threats and fraudulent activities.
Vane Viper's infrastructure overlaps with Webzilla/XBT Holdings, which have previously been associated with Methbot ad fraud, Russian disinformation campaigns, and piracy platforms. The network comprises over 60,000 domains, many of which are active for only a few days, but some persist for over 1,200 days.
The malicious network employs push notification abuse, traffic distribution systems (TDS), and cloaking techniques to remain undetected. Vane Viper is involved in digital fraud campaigns and has directly served malware to Infoblox's researchers multiple times.
The unchecked growth of the AdTech industry undermines the digital security of users worldwide in the name of monetization. The digital advertising ecosystem was designed to be fast and profitable, not transparent to users. This lack of transparency provides attackers with opportunities to exploit the system and harm internet users.
Vane Viper resembles VexTrio Viper, another malicious network, and both networks emerged almost simultaneously in 2015. Vane Viper, previously known as Omnatuor, supports fraud and malware distribution through its affiliate advertising programs. Malvertising domains associated with Vane Viper are found in around 50% of Infoblox's customer networks.
The AdTech industry is not without its risks. Platforms like AdTech Holding offer high reach for advertisers but harbor unforeseen risks. To combat these threats, Infoblox has introduced token-based security licenses.
It's important to note that the article does not provide specific details about the connection between Infoblox and the cyber threat 'Hazy Hawk', or how the AI boom leaves advisors behind. However, the exposure of Vane Viper serves as a reminder of the need for increased vigilance and transparency in the AdTech sector.
For a more comprehensive understanding of the topic, readers are encouraged to read the full blog post on Vane Viper. The Russian diaspora groups connected to Vane Viper and PropellerAds, according to the Infoblox Threat Intel report, include certain Russian-speaking communities in Europe and Cyprus involved in cyber advertising operations.
In conclusion, the malicious network Vane Viper operates within the AdTech sector, demonstrating the risks associated with the industry. It's crucial for both users and advertisers to be aware of these risks and take necessary measures to ensure digital security.
