Researchers say the bad actor behind the malvertising campaign is still active to this day. Malvertising campaigns typically inject malicious code into legitimate online ads and webpages. In this case, the ad unit forcefully redirects mobile users to adult content and gift card scams. These landing pages typically impersonated Google Play apps, making them appear more legitimate, researchers said. Almost 60 percent of Confiant s customers were impacted by the campaign, and the attacker raked in to the tone of $1 million in 2 days.
Source: https://threatpost.com/widespread-malvertising-campaign-hijacks-300-million-sessions/139393/