Iesnare – What Is It & How It Works?

Iesnare is a sophisticated tool that is designed to counter fraud and was created by a company called Iovation. It works by tracking the information of a user – sounds like a cookie right? Wrong! Iesnare is incredibly powerful and installed directly into your computers system via the browser, unlike cookies that only track browser footprints. Seeing as it’s installed directly on to your computer, bookmakers using Iesnare automatically have a wealth of information on you and your system. What’s more is you do not even need to log in to a site for the programme to be downloaded, sites like Coral will install it onto your machine as soon you land on their site!

Why should I be worried about Iesnare?

Because it’s intrusive to say the least! Due to the information not being deemed personal, Iovation are free to share or sell the information they have collected and they certainly share the information with other bookmakers. It’s not uncommon for lesser known bookmakers to automatically block you or gub you upon sign up if you have been gubbed or restricted by another bookmaker. This is simply because your footprint from Iovation matches your existing computer details. Here’s a list of known things that Iesnare collects from your computer and Iovation seemingly store, forever.

Screen resolution, Device Type e.g. PC, MAC, etc., Operating System e.g. Windows, OS X, Linux, etc., Device Time Zone, JavaScript on/off, Flash on/off, Flash installed?, Flash Version, Flash storage enabled/disabled, Browser Cookies enabled/disabled, Browser Type, Browser Version, Browser character set, Browser Menu Language, Browser Configured Language, IP Address, IP Geolocation: City, IP Geolocation Country Code, IPGeolocation Proxy Flag, IP Geolocation Country Name, IP Geolocation State/Region, IP Geolocation Time Zone, Internet Service Provider (ISP), ISP Organization; Fully-qualified domain name, CPU Count, CPU Speed, Operating System Version, System Model, Component Serial Numbers, MAC Address, DeviceName (MD5 Hash), Device Identifier, Device Locale, Device System Version, OS Build Number, Kernel Version, Kernel Build Number, Flash System Capabilities.

Thankfully there are measures to remove Iesnare from your computer or device, or block it from being installed in the first place!

List of bookies using Iesnare

Well known bookies using Iesnare or who are potentially using Iesnare include:

Iesnare blocking – The complete guide

Currently it’s mainly PC based machines such as Windows or Mac devices that Iesnare can easily worm it’s way into your machine. Devices such as smartphones are a little more complex for Iesnare to wriggle into due to browsers being in a sandboxed mode. That’s not to say it can’t get on your smartphone or tablet though! Bookmaker apps seem like a likely suspect for injecting Iesnare into your device, so be wary when downloading bookmakers apps as Iesnare blocking on these devices is not as simple.

Step 1

The first step in the process is to find out if your computer is infected with Iesnare. Simply run a search for ‘mpsnare’ to see if you have any Iesnare files on your computer.

If there are no files associated with Iesnare, great. If there is delete all the files that appear after you have ran your search. Iesnare will now have been removed from your computer. Now we need to stop it reinfecting your machine.

Step 2

The process to block Iesnare from infecting your machine is a little more complex, but can easily be done by following this guide. We now need to edit the hosts file, this will essentially block Iesnare from being able to infect or install on your computer. To edit this file we must have administration rights, so head over to the Windows start menu and search for Notepad, right click it and hit Run as administrator.

Once we have done this Windows will ask you for additional permissions to open Notepad, click Yes to proceed. Notepad will now open. Now we need to find the hosts file we are going to edit. To do this select File > Open and ensure All Files is selected in the bottom right corner.

Within the file path enter the following line C:\Windows\System32\Drivers\Etc and click open. We will now see a few different files. Locate the ‘hosts‘ file, right click and hit Properties. We then need to uncheck the Read-only box, hit Apply and then OK.

Once we have done this we can now open and edit the hosts file, so go ahead and open it. You should see something that looks like this.

iesnare blocking file

The next step is to add certain lines of text to the hosts file which will block Iesnare for good. Simply download the iesnareblocking text file, copy the text and paste it under the ::1 localhost line. You should end up with this:

iesnare blocking edited file

Now we need to save our edited hosts file and restart the computer for the changes to take affect. Once the computer has restarted we need to ensure the changes have worked and Iesnare if being blocked. To do this head over to the Windows start menu again and open the Command Prompt. The quickest way to do this is to search for ‘cmd‘.

Once Command Prompt is open type in the following: ping mpsnare.iesnare.com and hit enter. We should see a ping result like this:

check iesnare blocking

That’s it! Iesnare has successfully been blocked from you computer and cannot wriggle it’s way back in!

Iesnare Blocking on MAC

The method to blocking Iesnare on MAC is a little different, but only due to the operating system running in a slightly different way. We are currently gathering images from a MacBook to use in this guide, however for now it is a text only guide.

  1. Head over to /Applications/Utilities and launch Terminal. You may also launch through Spotlight.
  2. Add sudo cp /private/etc/hosts ~/Documents/hosts-backup when you are prompted to backup hosts in your documents folder.
  3. When prompted to open the hosts file put sudo nano /private/etc/hosts.
  4. After this you will be prompted to add your administrator password for verification. Please note you will not be able to see the password when typing on the screen so take care to enter in the password correctly, then hit enter.
  5. Once the hosts file has loaded, copy the lines found in the iesnareblockingmac text file and paste them at the bottom of the hosts file.
  6. Press Control+O to save your changes and exit nano by pressing Control+X. Restart your MAC and the changes should have applied.

Final Thoughts

While Iesnare’s primary uses for fraud purposes is perfectly fine, the way bookmakers are abusing the information they can receive from it is just unacceptable. The fact that bookmakers use it in such a sneaky way is frustrating when it takes away the work Iovation have put into developing the software. You may have Iesnare on your computer and never visited a bookmaker – sites like PayPal actively use if for statistical purposes and fraud prevention, the way it was intended to be used.