June 28 - July 1

Assessment:  Emerging redirect campaign detected and blocked.  The ads are loading a malicious cloudfront script that subsequently loads fingerprinting logic to determine if the user is on a mobile device, and will perform a redirect if it's an iPhone.  If not, it's loading the hijacked ad campaign below.

Additional Details:  Campaign has been targeted to US residents only.  Primarily one SSP appears to be impacted.  Originating DSP is PocketMath.

Signature Trend Line

Hijacked Creative

`` `` ``