A large-scale malvertising campaign exposed millions of Internet users in the United States, Canada, the UK, and Australia to malware infections. The Kovter malware is known for its unique persistence mechanism, allowing the malware to load itself after every reboot of the infected host. Kovtar malware is well known for distributingthat was used in 2015 malicious ad campaign s, and most recently earlier in 2017 KovCoreG hacking group. The attackers used a number of filters and fingerprinting of “r,” in an effort to target users and evade analysis.
Source: https://thehackernews.com/2017/10/online-malvertising-attack.html