Assessment: Multiple redirect campaigns detected driving users to sites like: v.choicegiftcard[dot]club/gift,v.rewardstoday[dot]site/gift, v.rewardsmarket[dot]xyz and bestads[dot]online. Ads are using a number of new techniques to execute problematic behavior including manipulation of the Google tpc.googlesyndication.com call to execute malicious payloads.
Affected Platforms:
SSPs: Rubicon, RhythmOne, Triple Lift (already blocked buyer)
DSP: SmartAdserver
Assessment : Over the past few weeks our block volumes have reached all-time highs and the increase can be traced back to late February as the Covid-19 crisis began to take its toll. Overall our block volume has more than doubled, and as of April we have recorded a 168% increase over the averages from the previous three months (see chart below).
With softer bid density due to reduced ad budgets we are seeing a spike in a host of new threats entering the ecosystem. Our Malware and Redirect bad actors have been as busy as ever but we have seen the largest increase in Trojans which is where the ad directs users to install potentially unwanted programs.
Finally we have unfortunately seen a host of Covid 19 Scams where bad actors are taking advantage of the pandemic by running ads for masks, ventilators, etc. We are finding these ads via our ad scans and then adding to blocklists on a client by client basis. If you have not heard about this option yet from your Account Manager please reach out and we will be happy to tell you more about this new block type.
Assessment: Malicious campaign targeting mobile and desktop devices in the EU. The threat is making use of open source JS libraries and intermittently serving JS that forcefully redirects. Over 10M impressions have been blocked.
Affected Platforms: AppNexus
Assessment: Mobile redirect campaign impacting 8M impressions across the EU.
Affected Platforms: AdX inventory via PreBid.
