Malwarebytes says a video converter site was hacked to display malvertising that loads the GreenFlash Sundown exploit kit. This exploit kit would then drop the SEON Ransomware, Pony information stealing Trojan, and miners on a vulnerable computer. The ad server for onlinevideoconverter[.]com had over 200 million visitors per month and is the 159th largest site in the world. This month alone, we have now seen three different ransomware families being distributed using this type of attack.
Source: https://www.bleepingcomputer.com/news/security/hacked-ad-server-pushes-seon-ransomware-trojans-via-malvertising/