Description:
Malicious scripts that redirect visitors to third-party sites via affiliate links of ad networks powered by OpenX software. The scripts may be obfuscated and they can use intermediary URLs (e.g. shortened URLs) but the real redirect URL will be something like:
hxxps://onclkds[.]com/afu.php?zoneid=1157984 hxxp://go.ad2up[.]com/afu.php?id=473791 hxxp://go.padsdel[.]com/afu.php?id=609542
Affecting: Any web site (no specific target).