Assessment: Latest campaign in a series that all abuse websocket functionality to forcefully redirect the page when a user is on a mobile device but serves an actual image if they determine the user is on a PC or otherwise should not be redirected. We have seen the campaign continue to acquire new domains to avoid detection and we are investigating additional related domains to prevent the spread of this threat.
Affected Platforms: Common path has been the Voluum DSP via Pubmatic.
