Assessment:  Emerging redirect campaign detected and blocked.  The ads are loading a malicious cloudfront script that subsequently loads fingerprinting logic to determine if the user is on a mobile device, and will perform a redirect if it's an iPhone.  If not, it's loading the hijacked ad campaign below.

Additional Details:  Campaign has been targeted to US residents only.  Primarily one SSP appears to be impacted.  Originating DSP is PocketMath.

Signature Trend Line

Hijacked Creative

Read More

Assessment:  Currently blocking an increase in malicious activity in the US & UK impacting over 360 domains and 60% of Ad Lightning publishers.  

Additional Details:  Campaign is targeted specifically to mobile, primarily iPhone and at least 3 major SSPs.  As of 6/27 this signature has been blocked across ADL partners almost 1M times.

Assessment: Emerging redirect threat impacting over 40% of Publisher clients.  Spiked on 6/22, continuing through the weekend.  Accounted for 10% of weekend blocks.

Additional Details: Multiple SSPs have been impacted.  Originated with The Trade Desk DSP.

Assessment: Spike in malicious activity across 663 domains impacting almost 1.2 million ads protected by Ad Lightning.

Additional Details: Originating DSP was The Trade Desk.

Assessment: Ad Lightning identified and blocked a small increase in malicious ads leading into the weekend. Over 90 domains were impacted and protected.

Additional Details: Multiple CDNs are being utilized to host dynamic content (Amazon, Cloudfront) in order to deliver malware.

`` `` ``