Entry Details

About the Entry

Category: 
All Content > Impact/Investigative > New England

Title of entry: 
Why the Keitaro TDS keeps causing security headaches

Issue or Publication date:
4/9/2024

Publication name: 
SearchSecurity

View Website home page:
https://www.techtarget.com/searchsecurity/

Links to entry URLs

Please note: These URLs are only required for entries in the Online division categories, or digital entries in appropriate Overall Excellence, Design or All Content division categories.

Entry URL(s), if applicable:
Please enter a URL that will direct judges to the entry: 
https://www.techtarget.com/searchsecurity/feature/Why-the-Keitaro-TDS-keeps-causing-security-headaches

Entry Essay: 
TechTarget's SearchSecurity provides independent, vendor-neutral coverage of enterprise security threats, technology trends and best practices. Geared toward security practitioners, developers, engineers, CISOs and other C-level executives, SearchSecurity articles include breaking news, feature stories and investigative reports as well as analysis from subject matter experts. The site provides readers with comprehensive coverage of the latest cyber attacks, emerging technology and more.
This investigative report examines a small Estonian software company called Keitaro, which provides a traffic distribution system (TDS) and digital ad tracking. Keitaro's TDS has been abused by various cybercriminals over the years in malvertising schemes that hijack web browsers and redirect unsuspecting users to malicious domains that host malware, phishing schemes and other threats. While technology companies such as Microsoft have referred to Keitaro as a "legitimate" TDS vendor, SearchSecurity's investigation discovered a long history of red flags and questionable practices.
Through open-source threat intelligence tools and security vendor reporting, as well as interviews with subject matter experts and a Keitaro executive, SearchSecurity uncovered a pattern of behavior at Keitaro that established its TDS as a valuable tool for a variety of cybercriminals, with little effort from the company to curb the abuse. The investigative report also documented how, according to threat analysts, Keitaro's product has become one of the most widely used TDSes in the threat landscape, despite the company's reputation as a legitimate vendor.