Once Vastflux won the auction for an ad, the group would insert some malicious JavaScript code into that ad to stealthily allow multiple video ads to be stacked on top of each other. Put simply, the attackers were able to hijack the advertising system so that when a phone was displaying an ad within an affected
