Assessment: A previously identified redirect campaign was reactivated this past weekend.  This campaign leverages Google CDNs to dynamically host malicious content.

Additional Details: To date, almost 1M impressions have been blocked across both iPhone and Android devices.

Assessment: We’ve started tracking a signature that looks to be attempting to do video stuffing.

Additional Details:  Currently, only a handful of publishers have been impacted, but we're continuing to monitor this campaign.

Assessment: Ongoing malicious activity leveraging websockets - to fingerprint a user’s browser and load additional known malicious domains - attached to legit creative scripts. Affected platforms: Sizmek and AOL/AdTech

Additional Details: To date, over 1M ads have been impacted and blocked across Ad Lightning’s partners

Assessment:  Small uptick in redirect activity originating from the Avazu platform targeting iOS users on iPhone and iPad Safari.

Additional Details:  Signature has been identified and blocked across 30+% of  Ad Lightning's clients.

Assessment:  Two additional active threats have been identified and blocked. 

  • Campaign #1:  Two separate creatives have been hijacked by what appears to be a fraudulent Appnexus "reseller", causing redirects across various Publishers.  Campaigns are heavily targeted towards iPad/Safari and are utilizing the images below.
  • Campaign #2:  Three new malicious signatures have been identified that follow similar patterns of obfuscated code attached to legit creative payloads, driving unwanted behaviors for iPhone users.  Originating DSP for this campaign has primarily been identified as AdMixer.

Additional Details:  To date, 1M ads have been impacted across Ad Lightning's partners.

Examples of Hijacked Creatives:

Read More
`` `` ``