Assessment: Redirect campaign emerged 6/13 targeting iPhone and iPads devices across the US. The campaign utilized a handful of s3 script files attempting to drive traffic to various .icu domains.
Affected platforms: Beachfront Media
Hijacked creative:
Assessment: New rash of redirects targeting US & Germany mobile and desktop devices. Over 1.5M ads blocked over a 3 day period. Various CloudFront endpoints are being used to load analytics libraries hosting malicious content.
Affected Platforms: TradeDesk >> AppNexus
Ad Creative:
Assessment: Multiple redirect campaigns detected driving users to sites like: v.choicegiftcard[dot]club/gift,v.rewardstoday[dot]site/gift, v.rewardsmarket[dot]xyz and bestads[dot]online. Ads are using a number of new techniques to execute problematic behavior including manipulation of the Google tpc.googlesyndication.com call to execute malicious payloads.
Affected Platforms:
SSPs: Rubicon, RhythmOne, Triple Lift (already blocked buyer)
DSP: SmartAdserver
Assessment : Over the past few weeks our block volumes have reached all-time highs and the increase can be traced back to late February as the Covid-19 crisis began to take its toll. Overall our block volume has more than doubled, and as of April we have recorded a 168% increase over the averages from the previous three months (see chart below).
With softer bid density due to reduced ad budgets we are seeing a spike in a host of new threats entering the ecosystem. Our Malware and Redirect bad actors have been as busy as ever but we have seen the largest increase in Trojans which is where the ad directs users to install potentially unwanted programs.
Finally we have unfortunately seen a host of Covid 19 Scams where bad actors are taking advantage of the pandemic by running ads for masks, ventilators, etc. We are finding these ads via our ad scans and then adding to blocklists on a client by client basis. If you have not heard about this option yet from your Account Manager please reach out and we will be happy to tell you more about this new block type.
