Black Hat USA 2025 | No Hoodies Here: Organized Crime in AdTech
For nearly a decade, traffic distribution systems (TDSs) have enabled cybercriminals to hide the true nature of their operations. A TDS serves not only to 'cloak' their activity but also to ensure that victims are 'delivered' to the malicious bait they are most likely to take. These systems are so complex that they are often disregarded with off-hand references to 'a bunch of redirects,' but TDSs are critical enablers to a wide range of crime, from scams to information stealers. In this talk, we will unveil the true identity and nature of one of the most pervasive TDS operators in the landscape, which serves as a cautionary tale of how organized crime actors have created an adtech sector unnoticed by the security community. VexTrio operates the oldest documented (dating back to 2015), most prolific criminal TDS. For years, it was assumed that VexTrio was a gang of 'hackers in hoodies' operating in the dark web as part of the underground economy. In reality, VexTrio operates in the corporate world and their activities go far beyond traffic distribution. They run a vast enterprise that includes dozens of companies across adjacent industries (not just adtech) on multiple continents. We'll share how we unraveled their operations and how they responded to coordinated exposure, cementing our confidence in the conclusions. Unmasking VexTrio has been a watershed moment in understanding the role of organized crime within the adtech industry. Numerous other syndicates were discovered as a result, as well as their affiliations with one another. With this new perspective, attendees working in threat intelligence will see TDS in a different light, allowing them to help advance the industry's knowledge and capabilities to fight against malicious adtech. While at the same time, attendees working in defender positions will understand events in their own network better. By: Renée Burton | VP of Threat Intel, Infoblox Dave Mitchell | Senior Director, Threat Intel, Infoblox Christopher Kim | Senior Staff Threat Researcher, Infoblox Full Session Details Available at: https://blackhat.com/us-25/briefings/...

Why Ukraine's 6-Ton 'Flamingo' Missile Could Change the War | War on Tape | Daily Mail

Neil deGrasse Tyson: The Whistleblowers Were Right About Aliens

Black Hat USA 2025 Keynote | Chronicles of Counter-Intelligence from the Citizen Lab

Black Hat USA 2025 | The First 30 Months of Psychological Manipulation of Humans by AI

Black Hat USA 2025 | China's 5+ Year Campaign to Penetrate Perimeter Network Defenses

Every Way Meta Tracks You, and How to Fight Back

AI Security Chaos at Black Hat 2025: Can We Even Keep Up?

The Most Mysterious File On The Internet

Claude is your insider threat now - Dan Tentler - Security Fest 2026

Black Hat USA 2025 | HTTP/1.1 Must Die! The Desync Endgame

How The Dark Web Actually Works | How Crime Works | Insider

AI Bubble vs Dot Com Crash. History is REPEATING

We Uncovered Amazon’s Scheme To Inflate Prices Everywhere

How cyber-crime has become organised warfare | Four Corners

Why Israel is the World's Top Hacking Nation | VICE: Cyberwar | Blueprint

LAWYER: How to Stop Cops From Using This NEW Tech to Spy on You
![Nicholas Carlini - Black-hat LLMs | [un]prompted 2026](https://i.ytimg.com/vi/1sd26pWhfmg/hqdefault.jpg?sqp=-oaymwE9CNACELwBSFryq4qpAy8IARUAAAAAGAElAADIQj0AgKJDeAHwAQH4Af4JgALQBYoCDAgAEAEYciBmKDYwDw==&rs=AOn4CLBn1sRfbeYcMnkqD2mtRZhq1TO6JQ)
Nicholas Carlini - Black-hat LLMs | [un]prompted 2026

Edward Snowden Reveals How They Spy on You

Black Hat USA 2025 | Weaponization of Cellular Based IoT Technology

