We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads.