Injection of Unwanted Google AdSense Ads

During the last couple of years, it has become quite prevalent for hackers to monetize compromised sites by injecting unwanted ads. They can be pop-up ads triggered when a visitor spends a certain amount of time on an infected page, or automatic redirection of mobile traffic to URLs that belong to ad networks. It’s not uncommon to see adult ads since networks that work with the porn industry usually allow a higher level of anonymity and have less strict guidelines (if any) on the quality of traffic their partners try to send their way.
Obfuscation Through Ad Network Redirects
Hackers also use smaller ad networks that resell their traffic to larger networks. It is typical to see a malware campaign triggering a chain of 3-5 redirects from one ad network to another. At the end of the chain, the network that serves the malicious ad or landing page has absolutely no clue where the visitor originally came from.
In this way, the black hat (or low quality) traffic is sent through gray hat, intermediary traffic aggregator services, which finally redirect to white hat ad networks. This process helps avoid problems with blocked accounts and complaints because the final ad networks don’t
Source: https://managewp.org/articles/14174/injection-of-unwanted-google-adsense-ads

source https://williechiu40.wordpress.com/2017/01/10/injection-of-unwanted-google-adsense-ads/