Pixalate is determined to address a bot it calls "Xindi" that’s destroying computers at Fortune 500 companies and universities, as well as the advertising ecosystem. Trekkies will recognize the name: Xindi is a reference to six fictional races from the "Star Trek: Enterprise" TV series.
On Wednesday, Pixalate will release a report on its discovery of Xindi, a Windows-based botnet designed to exploit a critical vulnerability in the Internet advertising protocol (Open RTB v2.3). The bot has infected up to 8 million computers and turned them into a botnet that launches attacks on ad exchanges.
Pixalate reports that in 2014, Xindi compromised machines at companies like Wells Fargo, Citigroup, General Motors, Marriott International and Columbia University. The bot spreads through hacking strategies like drive-by downloads, malware and phishing attacks, or through social engineering tactics. Once installed, it begins overwriting system configuration settings, such as the default search engine and the hosts file contents, to corrupt a machine.
Pixalate estimates that Xindi is costing advertisers $246 million per month. It studied traffic patterns and found the bot is attacking programmatic advertising. “It’s sending ad requests to ad exchanges and when it gets the ads back it doesn’t render them on the browser, it hoards them and a couple of hours later, it actually shows the ad,” said Amin Bandeali, CTO. It inflicts the maximum amount of damage in the shortest amount of time.
Here’s an example: Take Expedia. You want to book a ticket to San Francisco, you try to pay for the ticket and may get a blank page and worry that the transaction hasn't gone through. You keep refreshing the page looking for the transaction you just made and proceed to receive several emails before realizing that you’ve spent thousands of dollars. And the bidders don’t know if the ad was rendered.
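The hoarding behaviour Bandeali describes leaves a measurable gap between the time an exchange serves an ad and the time its impression is reported. The following detection sketch is an added example, not Pixalate's patch or code from its report; the record layout, the five-minute threshold, the 50% ratio and all sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

MAX_RENDER_DELAY = timedelta(minutes=5)  # assumed threshold; tune per exchange

def ts(text):
    """Parse a constructed sample timestamp."""
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%S")

# Constructed sample data: (auction_id, device_id, time ad markup was served)
BID_RESPONSES = [
    ("a1", "dev-A", ts("2015-01-01T10:00:00")),
    ("a2", "dev-A", ts("2015-01-01T10:00:05")),
    ("a3", "dev-B", ts("2015-01-01T10:01:00")),
    ("a4", "dev-B", ts("2015-01-01T10:01:02")),
    ("a5", "dev-B", ts("2015-01-01T10:01:04")),
]
# Constructed sample data: (auction_id, time the impression beacon fired)
IMPRESSIONS = [
    ("a1", ts("2015-01-01T10:00:02")),
    ("a2", ts("2015-01-01T10:00:09")),
    ("a3", ts("2015-01-01T12:14:00")),  # reported more than two hours late
    ("a4", ts("2015-01-01T12:14:01")),  # reported more than two hours late
    ("a5", ts("2015-01-01T10:01:06")),
]

def delayed_impressions(responses, impressions, max_delay=MAX_RENDER_DELAY):
    """Return (auction_id, device_id, delay) for impressions reported too late."""
    served = {aid: (dev, when) for aid, dev, when in responses}
    flagged = []
    for aid, seen in impressions:
        if aid not in served:
            continue  # beacon without a matching auction: triage separately
        dev, when = served[aid]
        if seen - when > max_delay:
            flagged.append((aid, dev, seen - when))
    return flagged

def suspect_devices(responses, impressions, min_ratio=0.5):
    """Return devices whose share of late-rendered ads reaches min_ratio."""
    total, late = defaultdict(int), defaultdict(int)
    for _, dev, _ in responses:
        total[dev] += 1
    for _, dev, _ in delayed_impressions(responses, impressions):
        late[dev] += 1
    return sorted(d for d in total if late[d] / total[d] >= min_ratio)

if __name__ == "__main__":
    for aid, dev, delay in delayed_impressions(BID_RESPONSES, IMPRESSIONS):
        print(f"{aid} on {dev}: impression reported {delay} after serve")
    print("suspect devices:", suspect_devices(BID_RESPONSES, IMPRESSIONS))
```

Scoring by device rather than by single impression keeps one slow page load from flagging a legitimate user.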
Pixalate’s solution is a patch, and it also proposes changing the protocols via the Open RTB Working Group.
“We identified the problem and we’re helping the industry to get rid of it,” Bandeali said.
Among the report’s findings: