https://blog.malwarebytes.com/threat-analysis/2019/07/exploit-kits-summer-2019-review/
Threat actors continue to buy traffic from ad networks and use malvertising as their primary delivery method. Leveraging user profiling (their browser type and version, country of origin, etc.) from ad platforms, criminals are able to maintain decent load rates (successful infection per drive-by attempts).
